General

  • Target

    2024-12-24_899710ae4c26c136f5ccaa0434a83f8e_adload_evilquest_rekoobe

  • Size

    168KB

  • Sample

    241224-lcpzastnhk

  • MD5

    899710ae4c26c136f5ccaa0434a83f8e

  • SHA1

    7859de08539a68c1d4be2ad33bd7f621bc1bf4bb

  • SHA256

    a6a85fbb6cbba7e62e59d1ea28a9968680f6412648d2751a36bf2c6549fadcc3

  • SHA512

    a8d97d553ac55e522ac45a1e1c7b3bb0c9809f66dd284eb02abeba57c82d681b50879ed3d54ff8734e96e3f2e8c5aa9d18faf39d07f2b12ddd266c937988aa32

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9eb40:5SeOQdaZNxtk8cqhSxvHY9eb

Targets

    • Target

      2024-12-24_899710ae4c26c136f5ccaa0434a83f8e_adload_evilquest_rekoobe

    • EvilQuest

      EvilQuest family.

    • EvilQuest payload

    • Evilquest family

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.
