General

  • Target

    2024-12-24_427a202303ca3168158598f05af398d1_adload_evilquest_rekoobe

  • Size

    168KB

  • Sample

    241224-lce44atmgz

  • MD5

    427a202303ca3168158598f05af398d1

  • SHA1

    46604618c6e888214f2dc356ab5ef4450fb836d0

  • SHA256

    aa52fb32c9ec1ca67add29e6acad19144309dd1acf3b757d7cba27c650a847f3

  • SHA512

    0f83c4247017cbecb073c2c5056e3e116672737913f7ab1f44d728daaf598961f7f49c66e1e6f6b4b9031c3d411dd8826733492564684845ca06afc228186e24

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9S0:5SeOQdaZNxtk8cqhSxvHY9

Targets

    • EvilQuest

      EvilQuest family.

    • EvilQuest payload

    • Evilquest family

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

MITRE ATT&CK Enterprise v15
