General

  • Target

    ba4b1109afb8da1ee4e41054fb63d126_JaffaCakes118

  • Size

    437KB

  • Sample

    240823-ep3mlaxamq

  • MD5

    ba4b1109afb8da1ee4e41054fb63d126

  • SHA1

    269600889d55c6444084ffc74e61042b1d1eaba8

  • SHA256

    9cb8cd7011e15c9a917ed0eb9777bdc610fb3e04d49eb552d30386caf6464a5d

  • SHA512

    f16238239608d786c97089069966a80e117bab8fdb94753e61fb19c725e56876c7f3317453283e931488879c59d3a791dcf691b6b0a75396fc1a88f05899eb2f

  • SSDEEP

    6144:UBBwm2oz8fEYga22UHHXyDArvBIM6zOM3ONgEox946lzmEZYS5+oj9COdbeOut8r:XroAfEYAtHCDArvxeObjo46hjYJQ0mN

Malware Config

Targets

    • Target

      ba4b1109afb8da1ee4e41054fb63d126_JaffaCakes118

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks