Overview

overview

10

Static

static

10

2024-12-23...ekoobe

macos-10.15-amd64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-23_759afeffbcc63fc48627488abf3bfbd1_adload_evilquest_rekoobe

  • Size

    168KB

  • Sample

    241223-1q1qaaspcl

  • MD5

    759afeffbcc63fc48627488abf3bfbd1

  • SHA1

    c41a71ee3fa993de011236f3b9b0c4b769c5b63e

  • SHA256

    9eae711222e522c1e8911a318e3a7b786907dfcf54b82092cebd18ba23c6b3de

  • SHA512

    b689a2f7838260e93250026d770a954aef2f6fa4df146b67b1b54b8e99d3eb431a8673ad200841c0eadb0a5681a9e9f7b24336006c2968c6b9312dacf566b50b

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9X0:5SeOQdaZNxtk8cqhSxvHY9

Score
10/10
evilquestevasionexecutionmacospersistence

Malware Config

Targets

    • Target

      2024-12-23_759afeffbcc63fc48627488abf3bfbd1_adload_evilquest_rekoobe

    • Size

      168KB

    • MD5

      759afeffbcc63fc48627488abf3bfbd1

    • SHA1

      c41a71ee3fa993de011236f3b9b0c4b769c5b63e

    • SHA256

      9eae711222e522c1e8911a318e3a7b786907dfcf54b82092cebd18ba23c6b3de

    • SHA512

      b689a2f7838260e93250026d770a954aef2f6fa4df146b67b1b54b8e99d3eb431a8673ad200841c0eadb0a5681a9e9f7b24336006c2968c6b9312dacf566b50b

    • SSDEEP

      3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9X0:5SeOQdaZNxtk8cqhSxvHY9

    Score
    5/10
    evasionexecutionpersistence

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

      persistence

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks