General

  • Target

    c097d71dcd39cd389821a65b080a8b89_JaffaCakes118

  • Size

    437KB

  • Sample

    240825-m3r21ssfjj

  • MD5

    c097d71dcd39cd389821a65b080a8b89

  • SHA1

    935b3814174dae927a3dfa67eb2c4a63c0fd8975

  • SHA256

    28d26a03dcf43d42ae78574126407d2a6a29bb05f9b80dc1d2012c49db9dd803

  • SHA512

    49f9280dbb7368c18a68111b3394f438d355a93460001de031012e4162d5159ba8e1f1d8d8a9a364830abc2285d91c8b773d8e50ea400a7db9c016dc0797a89d

  • SSDEEP

    6144:UkVwm2i+mKaN68U8Wdvym8fXZkb/L07IkX/c6MVO4zXUdn1NwBLDmFBF3UN:Ari+m/A4Wx3UC/LzARMVO4sNyDm3F3U

Malware Config

Targets

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks