General

  • Target

    c0f10a282027e687465c54348b866965_JaffaCakes118

  • Size

    417KB

  • Sample

    240825-rv4s3ayfnb

  • MD5

    c0f10a282027e687465c54348b866965

  • SHA1

    a3bb7dae3214337515ed716c72d3f52893c77609

  • SHA256

    f3c4d748a18c214650f2c16b98c09bdc2488b3496c2a8e0fc3953f7fef5a6ec1

  • SHA512

    45c064117cbd2f4a7f2d2000cc88da8c9ca762020b5f0c0a5d4dea8595895907e8a7ca9ff0aee3e9313a45fd3ba8be99e9fa5435291ac812ec6621601d78b978

  • SSDEEP

    6144:oSpwTEOzPSK5U2SoJ8VWackqV1ZmXRWLgKocUq8nOfaIROo71YvK09lw+45B:H+IK5U2SoyspmwLQcUqgsPBYv745B

Targets

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
