evilquest | 71417dd041aa52f7394df028bc0793231d0440b00cabd4745dea5f7d282f9324 | Triage

Sharing

General

Target

2024-12-30_4ec1dda0ea2fbbb27864543c6e56d3dc_adload_evilquest_rekoobe
Size

168KB
Sample

241230-pxqccayjg1
MD5

4ec1dda0ea2fbbb27864543c6e56d3dc
SHA1

076407563796c94b62162251dbe34a6f3c484922
SHA256

71417dd041aa52f7394df028bc0793231d0440b00cabd4745dea5f7d282f9324
SHA512

9ae8f4374cac98a5ee29e0078c99ed5b3343cd7ff6879e8e4618ed979fa97b6e3f3b5ece1c8b93d2922464bb6e86106e53430ac61c622239da8711bc4071daa4
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq94qfRUD9N0:5SeOQdaZNxtk8cqhSxvHY9n

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  2024-12-30_4ec1dda0ea2fbbb27864543c6e56d3dc_adload_evilquest_rekoobe
- Size
  
  168KB
- MD5
  
  4ec1dda0ea2fbbb27864543c6e56d3dc
- SHA1
  
  076407563796c94b62162251dbe34a6f3c484922
- SHA256
  
  71417dd041aa52f7394df028bc0793231d0440b00cabd4745dea5f7d282f9324
- SHA512
  
  9ae8f4374cac98a5ee29e0078c99ed5b3343cd7ff6879e8e4618ed979fa97b6e3f3b5ece1c8b93d2922464bb6e86106e53430ac61c622239da8711bc4071daa4
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq94qfRUD9N0:5SeOQdaZNxtk8cqhSxvHY9n
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence