evilquest | be359532651aa31680776a95e56a66441a5570b72f692fbcab8876494fe68cd7 | Triage

Sharing

General

Target

2024-12-24_38870492d6a745a69317a13200a8717a_adload_evilquest_rekoobe
Size

168KB
Sample

241224-ld1gestncv
MD5

38870492d6a745a69317a13200a8717a
SHA1

3ddaaba7bda17ea4cbb362959e1cdb788f06cf4f
SHA256

be359532651aa31680776a95e56a66441a5570b72f692fbcab8876494fe68cd7
SHA512

9f792b7c4d00740b52ee990209dab9404e5892cda97fcda916962bd67a52d15f6d489307c9966078ce5c01edb1053a40ff08b91632b7621ee55d3989396ded6d
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq98r0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  2024-12-24_38870492d6a745a69317a13200a8717a_adload_evilquest_rekoobe
- Size
  
  168KB
- MD5
  
  38870492d6a745a69317a13200a8717a
- SHA1
  
  3ddaaba7bda17ea4cbb362959e1cdb788f06cf4f
- SHA256
  
  be359532651aa31680776a95e56a66441a5570b72f692fbcab8876494fe68cd7
- SHA512
  
  9f792b7c4d00740b52ee990209dab9404e5892cda97fcda916962bd67a52d15f6d489307c9966078ce5c01edb1053a40ff08b91632b7621ee55d3989396ded6d
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq98r0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence