evilquest | a2b306afc0f6440e8fe6376b6423f305221bb7b76c45720d8eeeaddacec03185 | Triage

Sharing

General

Target

a2b306afc0f6440e8fe6376b6423f305221bb7b76c45720d8eeeaddacec03185
Size

337KB
Sample

241022-q5fnjszfjm
MD5

f599b96cb7bb9719b34a204db9c816d7
SHA1

5d4aeb6c6cacd179475a3491b2b1785a7b63738a
SHA256

a2b306afc0f6440e8fe6376b6423f305221bb7b76c45720d8eeeaddacec03185
SHA512

77f591c62f6d67425e4d320540ffcdbea4e782ff57bd5d7ee24c0c1a5beacbcf29c9cef72f409aa8216b2cf10100bb660f6506121fa18e5b1243f172359c5a6c
SSDEEP

6144:5SeOQdaZNxtk8cqhSxvHY9cSeOQdaZNxtk8cqhSxvHY9:5LOQdaDxq8cqavHYuLOQdaDxq8cqavHY

Score

10^/10

evilquest evasion execution macos persistence

Malware Config

Targets

- Target
  
  a2b306afc0f6440e8fe6376b6423f305221bb7b76c45720d8eeeaddacec03185
- Size
  
  337KB
- MD5
  
  f599b96cb7bb9719b34a204db9c816d7
- SHA1
  
  5d4aeb6c6cacd179475a3491b2b1785a7b63738a
- SHA256
  
  a2b306afc0f6440e8fe6376b6423f305221bb7b76c45720d8eeeaddacec03185
- SHA512
  
  77f591c62f6d67425e4d320540ffcdbea4e782ff57bd5d7ee24c0c1a5beacbcf29c9cef72f409aa8216b2cf10100bb660f6506121fa18e5b1243f172359c5a6c
- SSDEEP
  
  6144:5SeOQdaZNxtk8cqhSxvHY9cSeOQdaZNxtk8cqhSxvHY9:5LOQdaDxq8cqavHYuLOQdaDxq8cqavHY
Score

5^/10

evasion execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionexecutionpersistence