General

  • Target: e87bd5de0d9542afa5f0c850913e397f_JaffaCakes118
  • Size: 692KB
  • Sample: 240408-1k6dksga4t
  • MD5: e87bd5de0d9542afa5f0c850913e397f
  • SHA1: dc783112ce98460660267a87111302745662fa67
  • SHA256: 411b208b31f28b5feb2a560f2966ca93f6000949b9f78325baf2f16261989cfb
  • SHA512: 5567dafc833d603eb3cde4b5bd22f62d1ab3590a7d7d89bc5adecbe4cfd4877a45cfc7b610cb51b62bb011c10a47df320e51a3d68f4275b9c9232a73023a7009
  • SSDEEP: 6144:U9kbpoDtM1nM91o/CwxTmqNbGU3ffiP51Ca3uuHGEmY+iurSP0dq8VQy1+zromwH:Vo6S8/CwJYUvWzuuy7iuWYr6oBD92iD

Score: 10/10

Malware Config

Targets

    • Expiro, m0yv: Expiro aka m0yv is a multi-functional backdoor written in C++.
    • Expiro payload
    • Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks