General

  • Target

    f6a12268ae375404fd2b87e1e80a10f1_JaffaCakes118

  • Size

    417KB

  • Sample

    240417-1jlb1seh62

  • MD5

    f6a12268ae375404fd2b87e1e80a10f1

  • SHA1

    e13f789fd191ec112a62042ea48993af0860ae56

  • SHA256

    40c02a48e2c4f07dc9e25abbfc83e1daa6869d0e2356fb12c992d1bec38a723e

  • SHA512

    964d4adf4811404d0d3defa7f34abb32e79e1b98ea5fc97d830415525f4b6a35fed899dc25ac6b898a7058b9a03a34e585f2ae98ede203e9aad2eb2f50e242f1

  • SSDEEP

    6144:PSpwTxz8fEYga22UHHXyDArvBIM6zOR3ONgEox946lzmEZYS5+oj9COdbeOut8MQ:K+lAfEYAtHCDArvxeOwjo46hjYJQ0mN

Score
10/10

Targets

    • Target

      f6a12268ae375404fd2b87e1e80a10f1_JaffaCakes118

    • Size

      417KB

    • MD5

      f6a12268ae375404fd2b87e1e80a10f1

    • SHA1

      e13f789fd191ec112a62042ea48993af0860ae56

    • SHA256

      40c02a48e2c4f07dc9e25abbfc83e1daa6869d0e2356fb12c992d1bec38a723e

    • SHA512

      964d4adf4811404d0d3defa7f34abb32e79e1b98ea5fc97d830415525f4b6a35fed899dc25ac6b898a7058b9a03a34e585f2ae98ede203e9aad2eb2f50e242f1

    • SSDEEP

      6144:PSpwTxz8fEYga22UHHXyDArvBIM6zOR3ONgEox946lzmEZYS5+oj9COdbeOut8MQ:K+lAfEYAtHCDArvxeOwjo46hjYJQ0mN

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
