evilquest | cb35b035fe963f70a2a09b6741655a5f0d38ad73a76e259b1e0ae124dd5191e1 | Triage

Submit
Reports

Overview

overview

Static

static

2024-12-16...ekoobe

macos-10.15-amd64

Sharing

General

Target

2024-12-16_1b10e5b90f947db8fe0e832aea4550ec_adload_evilquest_rekoobe
Size

168KB
Sample

241216-vxjsfswmd1
MD5

1b10e5b90f947db8fe0e832aea4550ec
SHA1

582fb719af3d12bc1cfcd42d9f231b00f8c13b6f
SHA256

cb35b035fe963f70a2a09b6741655a5f0d38ad73a76e259b1e0ae124dd5191e1
SHA512

74ec650d1e371a08200c83bc11509006338894809997db60a8fa2935f138af01dedd12f7d11efbd5e37baa587e497ae51419c7afd0597543df4d9bdb33279977
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9hI0:5SeOQdaZNxtk8cqhSxvHY9h

Score

10^/10

evilquest backdoor execution macos persistence

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-12-16_1b10e5b90f947db8fe0e832aea4550ec_adload_evilquest_rekoobe

Resource

macos-20241101-en

evilquest backdoor execution persistence

macos-10.15-amd64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-12-16_1b10e5b90f947db8fe0e832aea4550ec_adload_evilquest_rekoobe
- Size
  
  168KB
- MD5
  
  1b10e5b90f947db8fe0e832aea4550ec
- SHA1
  
  582fb719af3d12bc1cfcd42d9f231b00f8c13b6f
- SHA256
  
  cb35b035fe963f70a2a09b6741655a5f0d38ad73a76e259b1e0ae124dd5191e1
- SHA512
  
  74ec650d1e371a08200c83bc11509006338894809997db60a8fa2935f138af01dedd12f7d11efbd5e37baa587e497ae51419c7afd0597543df4d9bdb33279977
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9hI0:5SeOQdaZNxtk8cqhSxvHY9h
Score

10^/10

evilquest backdoor execution persistence
- EvilQuest
  EvilQuest family.
  backdoor evilquest
- EvilQuest payload
- Evilquest family
  evilquest
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evilquestbackdoorexecutionpersistence

© 2018-2024

Terms | Privacy