General

  • Target

    f3a8c991b7343c19bedb7f2b60df8036_JaffaCakes118

  • Size

    420KB

  • Sample

    240416-rhphlsdf2v

  • MD5

    f3a8c991b7343c19bedb7f2b60df8036

  • SHA1

    48f91dc6febb5c095010aadbce935eb841abea67

  • SHA256

    ca332cece1105f88181b6cd1d3d37e20800cae7bd0696998cdc5fc7b940a3f9a

  • SHA512

    b60ad57526edb6c26772dac6db5fed7952357d04f94bf840544f03441d2fc5021cfe419cfdd1bbd8bb62bc44f0fe07432c2bcbaab7568a27d729a290477a1141

  • SSDEEP

    6144:EWkHpPNtuqgxRrQUGtfXX++Khzkm2vQAz2HlcP38IFFD9W0q+zJpmrIz5X8/M:ETx/o6jZ++aSQJO9Lc0zzJpX9o

Score
10/10

Targets

    • Target

      f3a8c991b7343c19bedb7f2b60df8036_JaffaCakes118

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
