Overview

overview

10

Static

static

10

2024-12-23...ekoobe

macos-10.15-amd64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-23_7ed39defc23aea94f437c5f85dd4579e_adload_evilquest_rekoobe

  • Size

    168KB

  • Sample

    241223-23hkxavkeq

  • MD5

    7ed39defc23aea94f437c5f85dd4579e

  • SHA1

    6c3906d04f6ac713b388b1f5b5fda9e120e92b7a

  • SHA256

    b0d789104a5034ccedf5da53af5e86ab65f2e456d0b3a3f84ebdbf52c6f13e67

  • SHA512

    509665844e6bfbfcab14d556a5ccae1257640eff8e4c8b0784624ed42c78a9399319e95b1e7daf8eb5dbb426c97b92e813cb49971d39bee4572503ecc25a2762

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9j0:5SeOQdaZNxtk8cqhSxvHY9

Score
10/10
evilquestexecutionmacospersistence

Malware Config

Targets

    • Target

      2024-12-23_7ed39defc23aea94f437c5f85dd4579e_adload_evilquest_rekoobe

    • Size

      168KB

    • MD5

      7ed39defc23aea94f437c5f85dd4579e

    • SHA1

      6c3906d04f6ac713b388b1f5b5fda9e120e92b7a

    • SHA256

      b0d789104a5034ccedf5da53af5e86ab65f2e456d0b3a3f84ebdbf52c6f13e67

    • SHA512

      509665844e6bfbfcab14d556a5ccae1257640eff8e4c8b0784624ed42c78a9399319e95b1e7daf8eb5dbb426c97b92e813cb49971d39bee4572503ecc25a2762

    • SSDEEP

      3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9j0:5SeOQdaZNxtk8cqhSxvHY9

    Score
    5/10
    executionpersistence

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

      persistence

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks