General

  • Target

    2025-02-13_d6d851d1f2beb2bd29d1007a5f9bbfaa_adload_evilquest_rekoobe

  • Size

    337KB

  • Sample

    250213-qcdngsynax

  • MD5

    d6d851d1f2beb2bd29d1007a5f9bbfaa

  • SHA1

    153da0eb8f59e90594812d99980a2061948b2b9e

  • SHA256

    5dbcbf048ec0f63c89bb7baf6c0dde82e20477884b9761b7baa4894daf484664

  • SHA512

    a31319e577ed7868c46c1685a7726495233dfe008d069b89b60f29332a56a218926b46b0132d887a4dc5a5af96032d77aec40bbf8ae95253a063c5f7d6a7d0a1

  • SSDEEP

    6144:5SeOQdaZNxtk8cqhSxvHY9RSeOQdaZNxtk8cqhSxvHY9Vg:5LOQdaDxq8cqavHYXLOQdaDxq8cqavHY

Malware Config

Targets

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

MITRE ATT&CK Enterprise v15

Tasks