evilquest | d76f86a80a86dd903347797e366c2ae75bcc00016913fc17f248cbb1193bcbda | Triage

Sharing

General

Target

2024-12-23_7e428ba0e4c8460e038ceb0439b63c69_adload_evilquest_rekoobe
Size

168KB
Sample

241223-1rjhdsspdn
MD5

7e428ba0e4c8460e038ceb0439b63c69
SHA1

3d0f28d02d5be5744fda5a43bb6a382ae9fafe3d
SHA256

d76f86a80a86dd903347797e366c2ae75bcc00016913fc17f248cbb1193bcbda
SHA512

418332ae3aa978f87ed77fd9084e0e0f105c285dcec49b0e735cf64fefaff9e32cce6d62e0b81f1d679fbe25f5e7092aa9d9ddba898c16622a26c3bcc6ad8d71
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9R0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest evasion execution macos persistence

Malware Config

Targets

- Target
  
  2024-12-23_7e428ba0e4c8460e038ceb0439b63c69_adload_evilquest_rekoobe
- Size
  
  168KB
- MD5
  
  7e428ba0e4c8460e038ceb0439b63c69
- SHA1
  
  3d0f28d02d5be5744fda5a43bb6a382ae9fafe3d
- SHA256
  
  d76f86a80a86dd903347797e366c2ae75bcc00016913fc17f248cbb1193bcbda
- SHA512
  
  418332ae3aa978f87ed77fd9084e0e0f105c285dcec49b0e735cf64fefaff9e32cce6d62e0b81f1d679fbe25f5e7092aa9d9ddba898c16622a26c3bcc6ad8d71
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9R0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

evasion execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionexecutionpersistence