evilquest | e06b43b43d2ef9c7893fd918913dd8dbc9c894cd8895c7eacb2eda85012671d8 | Triage

Sharing

General

Target

2024-10-04_e8922355b553c1f7f5be7fbf25af0b4c_adload_evilquest_rekoobe
Size

337KB
Sample

241004-yegf6aselj
MD5

e8922355b553c1f7f5be7fbf25af0b4c
SHA1

2367e98701e017d89abf84a94d76893ffe32715a
SHA256

e06b43b43d2ef9c7893fd918913dd8dbc9c894cd8895c7eacb2eda85012671d8
SHA512

0f98458e35c292d5e50fa22bfb75fd2e187b46a81bd0b3a945d9e588baffbd51a0d39cdf4100d20775832dc7db340d320a9f3c5bba0e4693b00dbe49b7f865bb
SSDEEP

6144:5SeOQdaZNxtk8cqhSxvHY9yuSeOQdaZNxtk8cqhSxvHY9y:5LOQdaDxq8cqavHY9LOQdaDxq8cqavHY

Score

10^/10

evilquest evasion execution macos persistence

Malware Config

Targets

- Target
  
  2024-10-04_e8922355b553c1f7f5be7fbf25af0b4c_adload_evilquest_rekoobe
- Size
  
  337KB
- MD5
  
  e8922355b553c1f7f5be7fbf25af0b4c
- SHA1
  
  2367e98701e017d89abf84a94d76893ffe32715a
- SHA256
  
  e06b43b43d2ef9c7893fd918913dd8dbc9c894cd8895c7eacb2eda85012671d8
- SHA512
  
  0f98458e35c292d5e50fa22bfb75fd2e187b46a81bd0b3a945d9e588baffbd51a0d39cdf4100d20775832dc7db340d320a9f3c5bba0e4693b00dbe49b7f865bb
- SSDEEP
  
  6144:5SeOQdaZNxtk8cqhSxvHY9yuSeOQdaZNxtk8cqhSxvHY9y:5LOQdaDxq8cqavHY9LOQdaDxq8cqavHY
Score

5^/10

evasion execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionexecutionpersistence