General

  • Target

    e5629f298d4969fba0518c4c7d954d04_JaffaCakes118

  • Size

    432KB

  • Sample

    240407-t8k9zsha5s

  • MD5

    e5629f298d4969fba0518c4c7d954d04

  • SHA1

    4dceac8f7754b46115664d67250cabc6b3dd1c46

  • SHA256

    48ff022af53d2f1a0977c2566e8999ca7e9dd2b56225fc62f136fae5bf1c6703

  • SHA512

    d2ae8a9e28665564d064acffe07dbc7c00f47df8a53aa451c5865a52adfafc7b200e1a9eb5f8912437e909222e61a431519353216c77cdcfea92460e92705579

  • SSDEEP

    12288:8UCmZiCUBAX7+4a2Sj/FZuXAGLMUm9jP1IVinM:aCU+7ytYQJ500M

Score
10/10

Malware Config

Targets

    • Target

      e5629f298d4969fba0518c4c7d954d04_JaffaCakes118

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Matrix

Tasks