General

  • Target

    ba4324af9756fd5dfba082eec55d123a_JaffaCakes118

  • Size

    415KB

  • Sample

    240823-ehy1tswfpq

  • MD5

    ba4324af9756fd5dfba082eec55d123a

  • SHA1

    789ddb7cc89fef286f4de5654f27c7cf2a1ba89c

  • SHA256

    35aee23a7b374f8bba30a7864449aed2a0dc350573504f6adf6b5bafbba9f4e4

  • SHA512

    a5e4481789ad103195668376bb6972a7e77df7b657d112dca5c8fb4df5e0b0b8a0742c866307e07928a210069c0c5f01a1f0765317958060b54b71e5cc4fdc42

  • SSDEEP

    6144:ae933KJyqViCTRUwgEWMy+B/WRuP4mNwmCr3IYnDTcyPEZZ3jLv/+kRe:t10NywgQWIP4mN6YY5Il

Targets

    • Target

      ba4324af9756fd5dfba082eec55d123a_JaffaCakes118

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
