evilquest | c007b135fe4c8ebaa3fba53427cdb617585cd6df5fa67683ddfad20a8baf3ff7 | Triage

Sharing

General

Target

2024-12-24_9f3a4bc4cabdd32c82ccad0a20b81cca_adload_evilquest_rekoobe
Size

168KB
Sample

241224-lcy7zatnhm
MD5

9f3a4bc4cabdd32c82ccad0a20b81cca
SHA1

b098f69c65e898da8554e1837176bc743fb8dcdf
SHA256

c007b135fe4c8ebaa3fba53427cdb617585cd6df5fa67683ddfad20a8baf3ff7
SHA512

a30436eda0b5916c88e46b654b949ba159652f8d03686bbc1881042c5f04742a05313781b83894022311be6724ff35af4b771e0f1fe4233972ffe5e0168cbec1
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9px0:5SeOQdaZNxtk8cqhSxvHY9p

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  2024-12-24_9f3a4bc4cabdd32c82ccad0a20b81cca_adload_evilquest_rekoobe
- Size
  
  168KB
- MD5
  
  9f3a4bc4cabdd32c82ccad0a20b81cca
- SHA1
  
  b098f69c65e898da8554e1837176bc743fb8dcdf
- SHA256
  
  c007b135fe4c8ebaa3fba53427cdb617585cd6df5fa67683ddfad20a8baf3ff7
- SHA512
  
  a30436eda0b5916c88e46b654b949ba159652f8d03686bbc1881042c5f04742a05313781b83894022311be6724ff35af4b771e0f1fe4233972ffe5e0168cbec1
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9px0:5SeOQdaZNxtk8cqhSxvHY9p
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence