General

  • Target

    b78c5a3c7e9508bf4ea8119c474f9246_JaffaCakes118

  • Size

    738KB

  • Sample

    240822-n6mr5sydnn

  • MD5

    b78c5a3c7e9508bf4ea8119c474f9246

  • SHA1

    ec5f6a090c7a1917863f320a8593395443d26e15

  • SHA256

    4dfe3864b243b1a4a4369ab4ed584f967f1906996f96bec1352ff383e772c3cd

  • SHA512

    af0882a523f7b73c7e69cfe58ea2b1887189718f0894f8afe7859341af8765ee604942b1655edb5fef58399f5dfaa7be19255c1438120998f1058e6adcce0f89

  • SSDEEP

    12288:uAwSfxL/2Dc3jDLLmt0LDQewsHjhWW1d9cDO0qIlp7+x9xhIS2:TGewsHjoW1d9cbNa98
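The digests above are the only durable identifiers of the sample, so the first thing an analyst does with a report like this is confirm that the file in hand is actually the one analysed. The following script is an added example (not part of the report or of the sandbox that produced it): it hashes a file with the same four algorithms, compares each digest against the values listed here, and parses the SSDEEP signature into its block size and chunk strings so a malformed or truncated fuzzy hash is caught before it is compared. The file path and the `REPORT_DIGESTS` dictionary are assumptions built from this page; `digest_bytes` exists so the same logic can be exercised on in-memory data.

```python
"""Check a file against the digests a sandbox report lists.

Added example, not code from the report. The expected values below are
copied from this page's General section; the sample path is an assumption.
"""
import hashlib
import string
from pathlib import Path

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

# Digests copied from the report (General section).
REPORT_DIGESTS = {
    "md5": "b78c5a3c7e9508bf4ea8119c474f9246",
    "sha1": "ec5f6a090c7a1917863f320a8593395443d26e15",
    "sha256": "4dfe3864b243b1a4a4369ab4ed584f967f1906996f96bec1352ff383e772c3cd",
    "sha512": "af0882a523f7b73c7e69cfe58ea2b1887189718f0894f8afe7859341af8765ee"
              "604942b1655edb5fef58399f5dfaa7be19255c1438120998f1058e6adcce0f89",
}
REPORT_SSDEEP = "12288:uAwSfxL/2Dc3jDLLmt0LDQewsHjhWW1d9cDO0qIlp7+x9xhIS2:TGewsHjoW1d9cbNa98"

# ssdeep chunk strings use the standard base64 alphabet.
_SSDEEP_ALPHABET = set(string.ascii_letters + string.digits + "+/")


def digest_bytes(data: bytes) -> dict:
    """Return {algorithm: hex digest} for an in-memory buffer."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def digest_file(path, chunk_size: int = 1 << 20) -> dict:
    """Hash a file in chunks so large samples do not have to fit in memory."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify(actual: dict, expected: dict) -> dict:
    """Compare digests case-insensitively; return {algorithm: matched}.

    Only algorithms present in both dictionaries are compared, so a report
    that omits SHA-512 does not produce a spurious mismatch.
    """
    return {
        name: actual[name].lower() == expected[name].lower()
        for name in ALGORITHMS
        if name in actual and name in expected
    }


def parse_ssdeep(signature: str) -> tuple:
    """Split 'blocksize:chunk:double_chunk' and validate its shape.

    ssdeep block sizes are always 3 * 2**n; the two chunk strings are
    base64 text. Anything else means the signature was mangled in transit.
    """
    parts = signature.split(":")
    if len(parts) != 3:
        raise ValueError("ssdeep signature must have exactly three fields")
    block_size = int(parts[0])
    factor = block_size // 3
    if block_size % 3 or factor < 1 or factor & (factor - 1):
        raise ValueError(f"block size {block_size} is not 3 * 2**n")
    for chunk in parts[1:]:
        if not chunk or not set(chunk) <= _SSDEEP_ALPHABET:
            raise ValueError("ssdeep chunk contains non-base64 characters")
    return block_size, parts[1], parts[2]


def check_sample(path) -> bool:
    """True only if every digest the report lists matches the file."""
    results = verify(digest_file(path), REPORT_DIGESTS)
    for name, ok in results.items():
        print(f"{name:7s} {'match' if ok else 'MISMATCH'}")
    return all(results.values())


if __name__ == "__main__":
    # Assumed location of the downloaded sample; adjust to your lab layout.
    sample = Path("b78c5a3c7e9508bf4ea8119c474f9246_JaffaCakes118")
    block_size, chunk, double_chunk = parse_ssdeep(REPORT_SSDEEP)
    print(f"ssdeep block size {block_size}, chunk length {len(chunk)}")
    if sample.is_file():
        raise SystemExit(0 if check_sample(sample) else 1)
    print(f"{sample} not found; nothing to verify")
```

Comparing all four digests rather than just MD5 matters here: MD5 and SHA-1 collisions are practical, so a match on SHA-256 (and SHA-512) is what actually establishes identity. The SSDEEP parser does not compute a similarity score; for that use the `ssdeep` library, feeding it the validated signature.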

Malware Config

Targets

    • Target

      b78c5a3c7e9508bf4ea8119c474f9246_JaffaCakes118

    • Expiro, m0yv

      Expiro, also known as m0yv, is a multi-functional backdoor written in C++. It is best known as a file infector: it appends its code to executables on the compromised host, which is why a hit on this signature warrants hashing and checking other PE files on the same system, not just the submitted sample.

    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks