evilquest | ff47b3d1273e384159e70eebaab382084e7671d2517fe0bdd108e3f9c44d60ce | Triage

Sharing

General

Target

2024-12-23_3c196715f4a0d48df49ed6641bfb9f4b_adload_evilquest_rekoobe
Size

168KB
Sample

241223-1ra61sspdj
MD5

3c196715f4a0d48df49ed6641bfb9f4b
SHA1

800e97b0ddeed06a54e8a5e1b9147656f22ab76e
SHA256

ff47b3d1273e384159e70eebaab382084e7671d2517fe0bdd108e3f9c44d60ce
SHA512

81f172ef75fdad7084767c8cb1295f5ab70a6e5a15d63605e13393c897f8fec6a1115a351dd2cb9f824bc49637531e99547115d213eef950c472e4af08c75dcd
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9h50:5SeOQdaZNxtk8cqhSxvHY9h

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  2024-12-23_3c196715f4a0d48df49ed6641bfb9f4b_adload_evilquest_rekoobe
- Size
  
  168KB
- MD5
  
  3c196715f4a0d48df49ed6641bfb9f4b
- SHA1
  
  800e97b0ddeed06a54e8a5e1b9147656f22ab76e
- SHA256
  
  ff47b3d1273e384159e70eebaab382084e7671d2517fe0bdd108e3f9c44d60ce
- SHA512
  
  81f172ef75fdad7084767c8cb1295f5ab70a6e5a15d63605e13393c897f8fec6a1115a351dd2cb9f824bc49637531e99547115d213eef950c472e4af08c75dcd
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9h50:5SeOQdaZNxtk8cqhSxvHY9h
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence