General

  • Target

    bc7488617a19fec85aca65c80adb7bd7_JaffaCakes118

  • Size

    437KB

  • Sample

    240823-ttetnavcng

  • MD5

    bc7488617a19fec85aca65c80adb7bd7

  • SHA1

    3647cba8e6216d2dd26a34c446e9ca78d2546eda

  • SHA256

    a0a5a5e5f60a5676708b145c72b67ad50aa75a1d5544319dd5b3078febf1a36f

  • SHA512

    dd012acd97e2290ce38fd5f2bf5f4fbceb5642214b81cebcdbd6a05dac6c09726e5f512a2d7ee6c5c3dbfbad07d98730cb9e0c65b2ab0cf4ba991e2f61f2d5f9

  • SSDEEP

    6144:UgBwm2oz8fEYga22UHHXyDArvBIM6zOV3ONgEox946lzmEZYS5+oj9COdbeOut8r:AroAfEYAtHCDArvxeOcjo46hjYJQ0mN

Malware Config

Targets

    • Expiro, m0yv

      Expiro, also known as m0yv, is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks