evilquest | 5dbcbf048ec0f63c89bb7baf6c0dde82e20477884b9761b7baa4894daf484664 | Triage

Sharing

General

Target

2025-02-13_d6d851d1f2beb2bd29d1007a5f9bbfaa_adload_evilquest_rekoobe
Size

337KB
Sample

250213-p7phssxqgj
MD5

d6d851d1f2beb2bd29d1007a5f9bbfaa
SHA1

153da0eb8f59e90594812d99980a2061948b2b9e
SHA256

5dbcbf048ec0f63c89bb7baf6c0dde82e20477884b9761b7baa4894daf484664
SHA512

a31319e577ed7868c46c1685a7726495233dfe008d069b89b60f29332a56a218926b46b0132d887a4dc5a5af96032d77aec40bbf8ae95253a063c5f7d6a7d0a1
SSDEEP

6144:5SeOQdaZNxtk8cqhSxvHY9RSeOQdaZNxtk8cqhSxvHY9Vg:5LOQdaDxq8cqavHYXLOQdaDxq8cqavHY

Score

10^/10

evilquest defense_evasion execution macos persistence

Malware Config

Targets

- Target
  
  2025-02-13_d6d851d1f2beb2bd29d1007a5f9bbfaa_adload_evilquest_rekoobe
- Size
  
  337KB
- MD5
  
  d6d851d1f2beb2bd29d1007a5f9bbfaa
- SHA1
  
  153da0eb8f59e90594812d99980a2061948b2b9e
- SHA256
  
  5dbcbf048ec0f63c89bb7baf6c0dde82e20477884b9761b7baa4894daf484664
- SHA512
  
  a31319e577ed7868c46c1685a7726495233dfe008d069b89b60f29332a56a218926b46b0132d887a4dc5a5af96032d77aec40bbf8ae95253a063c5f7d6a7d0a1
- SSDEEP
  
  6144:5SeOQdaZNxtk8cqhSxvHY9RSeOQdaZNxtk8cqhSxvHY9Vg:5LOQdaDxq8cqavHYXLOQdaDxq8cqavHY
Score

5^/10

defense_evasion execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Hide Artifacts

Resource Forking

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionexecutionpersistence