evilquest | 7ccd5f27595ab4820800a51b8cc7cfc0a30bcbd363ea9b31bcc9aae0306f4915 | Triage

Sharing

General

Target

2024-12-23_65f317376f90a69f37b1f7c55c521451_adload_evilquest_rekoobe
Size

168KB
Sample

241223-25v9savlbn
MD5

65f317376f90a69f37b1f7c55c521451
SHA1

5a826f2279378d8bb8786e76a34bd38d2b955240
SHA256

7ccd5f27595ab4820800a51b8cc7cfc0a30bcbd363ea9b31bcc9aae0306f4915
SHA512

e8e48d70296b2737137ed7e616ba1d584ccbd72615227219a6cf2f89127dade9921721623f8ee0b65b9f06abffe6e3ae4170d6f1ee6d1ef8b5160461d74d5f25
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9Xm0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  2024-12-23_65f317376f90a69f37b1f7c55c521451_adload_evilquest_rekoobe
- Size
  
  168KB
- MD5
  
  65f317376f90a69f37b1f7c55c521451
- SHA1
  
  5a826f2279378d8bb8786e76a34bd38d2b955240
- SHA256
  
  7ccd5f27595ab4820800a51b8cc7cfc0a30bcbd363ea9b31bcc9aae0306f4915
- SHA512
  
  e8e48d70296b2737137ed7e616ba1d584ccbd72615227219a6cf2f89127dade9921721623f8ee0b65b9f06abffe6e3ae4170d6f1ee6d1ef8b5160461d74d5f25
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9Xm0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence