EvilQuest is a complex Mac malware specimen. Because it employs anti-analysis logic, a viral persistence mechanism, and insidious payloads, it’s practically begging to be analyzed. Let’s apply the skills you’ve gained from this book to do just that!

This chapter begins our comprehensive analysis of the malware by detailing its infection vector, triaging its binary, and identifying its anti-analysis logic. Chapter 11 will continue our analysis by covering the malware’s methods of persistence and its myriad of capabilities.

The Infection Vector

Much like a biological virus, identifying ...