General

  • Target

    c2ed262ac304095e565f5ae343119634_JaffaCakes118

  • Size

    416KB

  • Sample

    240826-nwrncatarp

  • MD5

    c2ed262ac304095e565f5ae343119634

  • SHA1

    7e75fbbc0d6e2a3f1d1f5b81cdc7d2f40a826d4d

  • SHA256

    e1e2012fa29ab5d6c487ddd4dc9b3ddab9fc4bc85e497e67dcfda1dd2be18e1a

  • SHA512

    84840344c860f05411b2a25dc299fad35123cdd27bc97a2d343a571dbd9e9f8766ee8df94a80654ca628e5dabdc893f0a62aef740754370e6b02e92537c1334c

  • SSDEEP

    6144:xMsLZKYZt8OX6sXVHGSEnAVYOe6rwKsgSeSBVIGzHnne1NX92HB3XF:xMgZKYL8OX6sXJmn4eW/GFze1Fi3X

Score
10/10

Malware Config

Targets

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Matrix

Tasks