Overview

overview

10

Static

static

10

2024-12-03...ekoobe

macos-10.15-amd64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-03_fb46cdb2b3a334a17a135ec3f1e207bb_adload_evilquest_rekoobe

  • Size

    168KB

  • Sample

    241203-gh9tfasndw

  • MD5

    fb46cdb2b3a334a17a135ec3f1e207bb

  • SHA1

    428bdaee31b66208c8efe1a1a5159d990a92c16e

  • SHA256

    90dbb6284f4f315df334b56ee18121c956a08127e7209888e5e2dc04e9b7eb29

  • SHA512

    5a6520f91d61020a8976dd3c36b8e54b0b59a65db2aa52fb6f3a18af9ad19a1173ba4fad9f2e6aeb17cea0d9fa56f14457a9c2a8af67eb2f92e7dc238664272d

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9sp0:5SeOQdaZNxtk8cqhSxvHY9s

Score
10/10
evilquestevasionexecutionmacospersistence

Malware Config

Targets

    • Target

      2024-12-03_fb46cdb2b3a334a17a135ec3f1e207bb_adload_evilquest_rekoobe

    • Size

      168KB

    • MD5

      fb46cdb2b3a334a17a135ec3f1e207bb

    • SHA1

      428bdaee31b66208c8efe1a1a5159d990a92c16e

    • SHA256

      90dbb6284f4f315df334b56ee18121c956a08127e7209888e5e2dc04e9b7eb29

    • SHA512

      5a6520f91d61020a8976dd3c36b8e54b0b59a65db2aa52fb6f3a18af9ad19a1173ba4fad9f2e6aeb17cea0d9fa56f14457a9c2a8af67eb2f92e7dc238664272d

    • SSDEEP

      3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9sp0:5SeOQdaZNxtk8cqhSxvHY9s

    Score
    5/10
    evasionexecutionpersistence

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

      persistence

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks