General

  • Target

    f3d5e52b50b9b30d7675610930e7e785_JaffaCakes118

  • Size

    432KB

  • Sample

    240416-tlm53aed64

  • MD5

    f3d5e52b50b9b30d7675610930e7e785

  • SHA1

    f5228672adef38df6cd2699c5d1e1e8301085ff1

  • SHA256

    027629fd71aab16bc5951e81865233abd02276ebad5eecd6babc2133ebf46197

  • SHA512

    363e3ae15c08402eec2d10c3f28dee63df36666690478c5b8a48dfe747e87cebaa42c3f6bd12fb5d3e5a064f98c9308d4ecf2925c92ef46505f019970498f12d

  • SSDEEP

    12288:FUCmZiCfJapXi9ph/IPx2dYdbq/LzARMVO4sNyDm3F3U:nCgpXi9ph/IPgSbqDzARnYDm3F3U

Score
10/10

Targets

    • Target

      f3d5e52b50b9b30d7675610930e7e785_JaffaCakes118

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
