General

  • Target

    2025-03-06_fbc85a218a854117c2e114136338e72f_adload_evilquest_rekoobe

  • Size

    168KB

  • Sample

    250306-xnavasvxby

  • MD5

    fbc85a218a854117c2e114136338e72f

  • SHA1

    0d6a8692e4969d6d0991be4c949c577f3e63c8e1

  • SHA256

    a80f87b51022ab502417520d38fc297ee9607449b6fd1c4b591058a67fce3317

  • SHA512

    f9acfdc3e68f56d89fa43ba9c578bd760f46d78cfc2a52f4b80e1f06c86bfc7432c78d6e87e898987554e6ad9d1a85c23227d27caa4c170d10140d635f455d9f

  • SSDEEP

    3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq940:5SeOQdaZNxtk8cqhSxvHY9

Malware Config

Targets

    • Target

      2025-03-06_fbc85a218a854117c2e114136338e72f_adload_evilquest_rekoobe

    • Launch Agent

      Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.

    • Launch Daemon

      Adversaries may create or modify Launch Daemons to execute malicious payloads as part of persistence. Launch Daemons are plist files used to interact with Launchd, the service management framework used by macOS.

MITRE ATT&CK Enterprise v15

Tasks