General

  • Target

    2024-12-27_ec725928287c0e42749b6da0c6bc5a10_adload_evilquest_rekoobe

  • Size

    337KB

  • Sample

    241227-zbrndszkfp

  • MD5

    ec725928287c0e42749b6da0c6bc5a10

  • SHA1

    a5ff3a6bdbb6e1b60c3330bf84cea74fabc83338

  • SHA256

    3e01fe2a4b62f0e51e5bb354b2ce7891eb674a442d3bac76425affc48eb97c7c

  • SHA512

    5591c1c04eb3a8d0fb0bb2b812cf96ed8fcfcc5ab76ca3403c2681329fe8c851234495b1ea2247eed789133ec5b12da7519026463de053700dfe80e3a04b3772

  • SSDEEP

    6144:5SeOQdaZNxtk8cqhSxvHY9PSeOQdaZNxtk8cqhSxvHY9:5LOQdaDxq8cqavHYBLOQdaDxq8cqavHY

Malware Config

Targets

    • Launch Agent

      Adversaries may create or modify Launch Agents to repeatedly execute malicious payloads as part of persistence.

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

MITRE ATT&CK Enterprise v15

Tasks