General

  • Target

    b9a6ac5275eb2a717bb96d1b4e824007_JaffaCakes118

  • Size

    417KB

  • Sample

    240823-aqqbfawaqd

  • MD5

    b9a6ac5275eb2a717bb96d1b4e824007

  • SHA1

    ab58b5806d3f880a80e86f6f43304438eec56ee9

  • SHA256

    60015c6e5f0f807fe92b92fb37e78116970bd2850a851436ad5e3f0d8ed610df

  • SHA512

    3fe85e860e7b5217e814a94ba293a44b42a8b6b7dabbcaa30e639c6d703425127e027451b5d2dd0a9513b42b1930448f203df9a13f95e2041d5329588e857a48

  • SSDEEP

    6144:+SpwTEOzPSK5U2SoJ8VWackHV1ZmXRWLgKocUq8nOfaIROo71YvK09lw+45B:B+IK5U2SoysMmwLQcUqgsPBYv745B

Malware Config

Targets

    • Expiro, m0yv

      Expiro, also known as m0yv, is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks