evilquest | accb8f54c5b489808fdc3f76ee024cc7a7345014548cda3ddb878ba77304d537 | Triage

Sharing

General

Target

2025-02-13_da573cb337cf5b3b047aea341954f985_adload_evilquest_rekoobe
Size

337KB
Sample

250213-qeecssxrcq
MD5

da573cb337cf5b3b047aea341954f985
SHA1

fd2622da7c09353a7b24c7a7455b726410567341
SHA256

accb8f54c5b489808fdc3f76ee024cc7a7345014548cda3ddb878ba77304d537
SHA512

9aa93eaf99fbfa187c14d889b1f0ebd60b4502dc5f013396366a403e9e0c1950fe2b73c621c88a3638c3e4ae14d783f5913841f39f5dff9ca0d902cde6456ce3
SSDEEP

6144:5SeOQdaZNxtk8cqhSxvHY9JKSeOQdaZNxtk8cqhSxvHY9Vg:5LOQdaDxq8cqavHYrKLOQdaDxq8cqav4

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  2025-02-13_da573cb337cf5b3b047aea341954f985_adload_evilquest_rekoobe
- Size
  
  337KB
- MD5
  
  da573cb337cf5b3b047aea341954f985
- SHA1
  
  fd2622da7c09353a7b24c7a7455b726410567341
- SHA256
  
  accb8f54c5b489808fdc3f76ee024cc7a7345014548cda3ddb878ba77304d537
- SHA512
  
  9aa93eaf99fbfa187c14d889b1f0ebd60b4502dc5f013396366a403e9e0c1950fe2b73c621c88a3638c3e4ae14d783f5913841f39f5dff9ca0d902cde6456ce3
- SSDEEP
  
  6144:5SeOQdaZNxtk8cqhSxvHY9JKSeOQdaZNxtk8cqhSxvHY9Vg:5LOQdaDxq8cqavHYrKLOQdaDxq8cqav4
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence