Overview

overview

10

Static

static

10

2024-12-30...ekoobe

macos-10.15-amd64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-12-30_06c7a4b1902ab8a65cd64e9cf671c292_adload_evilquest_rekoobe

  • Size

    177KB

  • Sample

    241230-qy3vhaypes

  • MD5

    06c7a4b1902ab8a65cd64e9cf671c292

  • SHA1

    8efeb70c652323c067014f30a7e3a9653abc9ea3

  • SHA256

    1b1a5e7c4eb79c5cd1cf12d8423414d0c4976990e1e66478eb4fdf7889e013b0

  • SHA512

    fca40988b077b106320604e09e0e652b55ca5d1e7742de47b118b34626896be985c7aab30d9246c1028033ade05338a9dabea5642b4920a2aa149554ef49f4f2

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9M60k:5SeOQdaZNxtk8cqhSxvHY9P

Score
10/10
evilquestexecutionmacospersistence

Malware Config

Targets

    • Target

      2024-12-30_06c7a4b1902ab8a65cd64e9cf671c292_adload_evilquest_rekoobe

    • Size

      177KB

    • MD5

      06c7a4b1902ab8a65cd64e9cf671c292

    • SHA1

      8efeb70c652323c067014f30a7e3a9653abc9ea3

    • SHA256

      1b1a5e7c4eb79c5cd1cf12d8423414d0c4976990e1e66478eb4fdf7889e013b0

    • SHA512

      fca40988b077b106320604e09e0e652b55ca5d1e7742de47b118b34626896be985c7aab30d9246c1028033ade05338a9dabea5642b4920a2aa149554ef49f4f2

    • SSDEEP

      3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9M60k:5SeOQdaZNxtk8cqhSxvHY9P

    Score
    5/10
    executionpersistence

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

      persistence

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks