evilquest | 0524d0c8a1d0b264d6055aad559652e87b03c47f3fa18f92ae076669a10edb56 | Triage

Sharing

General

Target

2025-03-07_3ac3c9f69482ebb4eedf28758b545464_adload_evilquest_rekoobe
Size

168KB
Sample

250307-jj652sxks4
MD5

3ac3c9f69482ebb4eedf28758b545464
SHA1

35e9daccf74e3901f8e6270f9ee2a51b7ec8ff49
SHA256

0524d0c8a1d0b264d6055aad559652e87b03c47f3fa18f92ae076669a10edb56
SHA512

3e23e3eab67490e73fe73b89c9e72ca4e05112d40111837da4e63951d0ba3fbb059261bd66044e185fe096891f31d8ce895c46259c90f76f63ed66d49bb2bfe2
SSDEEP

3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9v0:5SeOQdaZNxtk8cqhSxvHY9

Score

10^/10

evilquest execution macos persistence

Malware Config

Targets

- Target
  
  2025-03-07_3ac3c9f69482ebb4eedf28758b545464_adload_evilquest_rekoobe
- Size
  
  168KB
- MD5
  
  3ac3c9f69482ebb4eedf28758b545464
- SHA1
  
  35e9daccf74e3901f8e6270f9ee2a51b7ec8ff49
- SHA256
  
  0524d0c8a1d0b264d6055aad559652e87b03c47f3fa18f92ae076669a10edb56
- SHA512
  
  3e23e3eab67490e73fe73b89c9e72ca4e05112d40111837da4e63951d0ba3fbb059261bd66044e185fe096891f31d8ce895c46259c90f76f63ed66d49bb2bfe2
- SSDEEP
  
  3072:cx6SZwEgOQtbap1jZNFnYo6w68cqhS2iJvHLzxq9v0:5SeOQdaZNxtk8cqhSxvHY9
Score

5^/10

execution persistence
- Launch Agent
  Adversaries may create or modify launch agents to repeatedly execute malicious payloads as part of persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

AppleScript

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

executionpersistence