General
Target: 2024-12-06_09f62425b692dcba519f513cfb41f5a3_adload_evilquest_rekoobe
Size: 177KB
Sample: 241206-tt757swmhs
MD5: 09f62425b692dcba519f513cfb41f5a3
SHA1: c3e6e14b5dbbf9dd29e3f0a6d64af89235452af3
SHA256: cca7004b6a6c3e2350b229d615183a65ef299068ccf6556d35a61ef6243e7896
SHA512: adf852074d4838bdf5e010545764b306570bdcc1ad1100f92666ef34ff3aff9568d16e78f956567dbf0efa18b5fb6c0a897dea844c6e36765c88c3e7c48929c7
SSDEEP: 3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9Uk0t:5SeOQdaZNxtk8cqhSxvHY9Up
Behavioral task: behavioral1
Sample: 2024-12-06_09f62425b692dcba519f513cfb41f5a3_adload_evilquest_rekoobe
Resource: macos-20241106-en
Malware Config
Targets
Score: 10/10
EvilQuest payload
Evilquest family
Launch Agent: Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
Launch Daemon: Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.