evilquest | 1f58aa5a79c61d383e996658e3e10ac0fe8794e21ee26774e9d06375c429a9f5 | Triage

Sharing

General

Target

2024-12-24_cc8261923bfa0732ad78fdcd0230df31_adload_evilquest_rekoobe
Size

168KB
Sample

241224-lpbx7stqbx
MD5

cc8261923bfa0732ad78fdcd0230df31
SHA1

31d87100128afc288976f0fc730eb087c26a727f
SHA256

1f58aa5a79c61d383e996658e3e10ac0fe8794e21ee26774e9d06375c429a9f5
SHA512

8bd61113e4ae4eebcd4c408c3b60b04f04516232860689df0caa56b04f0b76a69459d7972e8876d80606ac51eecedeadbe81a00b50b44cd53370231278b67464
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9W70:5SeOQdaZNxtk8cqhSxvHY9W

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  2024-12-24_cc8261923bfa0732ad78fdcd0230df31_adload_evilquest_rekoobe
- Size
  
  168KB
- MD5
  
  cc8261923bfa0732ad78fdcd0230df31
- SHA1
  
  31d87100128afc288976f0fc730eb087c26a727f
- SHA256
  
  1f58aa5a79c61d383e996658e3e10ac0fe8794e21ee26774e9d06375c429a9f5
- SHA512
  
  8bd61113e4ae4eebcd4c408c3b60b04f04516232860689df0caa56b04f0b76a69459d7972e8876d80606ac51eecedeadbe81a00b50b44cd53370231278b67464
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9W70:5SeOQdaZNxtk8cqhSxvHY9W
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence