Overview

overview

10

Static

static

10

2024-12-26...ekoobe

macos-10.15-amd64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-26_9ae192aab57d417f59b796f590903f31_adload_evilquest_rekoobe

  • Size

    168KB

  • Sample

    241226-s6daxszjal

  • MD5

    9ae192aab57d417f59b796f590903f31

  • SHA1

    33bdff5100ea33f695be9418f5a56a8f8a6c4e9d

  • SHA256

    24a44d1ad38ef850f461f2ddf69c4ac21f7e3cd15ef2b4611b12ad8cb2670268

  • SHA512

    8c73ca85c43bedc4a8718fbcaed36a42b71446c3c987f91ef5b445ff16880deac56b203654622e3fc27106843a04d7a0f3e46b8466734f357672131ffa3b6bf3

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9v10:5SeOQdaZNxtk8cqhSxvHY9

Score
10/10
evilquestevasionexecutionmacospersistence

Malware Config

Targets

    • Target

      2024-12-26_9ae192aab57d417f59b796f590903f31_adload_evilquest_rekoobe

    • Size

      168KB

    • MD5

      9ae192aab57d417f59b796f590903f31

    • SHA1

      33bdff5100ea33f695be9418f5a56a8f8a6c4e9d

    • SHA256

      24a44d1ad38ef850f461f2ddf69c4ac21f7e3cd15ef2b4611b12ad8cb2670268

    • SHA512

      8c73ca85c43bedc4a8718fbcaed36a42b71446c3c987f91ef5b445ff16880deac56b203654622e3fc27106843a04d7a0f3e46b8466734f357672131ffa3b6bf3

    • SSDEEP

      3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9v10:5SeOQdaZNxtk8cqhSxvHY9

    Score
    5/10
    evasionexecutionpersistence

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

      persistence

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks