General

  • Target

    c39ed6e01c2dbbda58a09af4a04aa651_JaffaCakes118

  • Size

    456KB

  • Sample

    240826-xlltsazdqe

  • MD5

    c39ed6e01c2dbbda58a09af4a04aa651

  • SHA1

    b3e68537f6da8b6a795c16ec4ee7133a0588eed4

  • SHA256

    ee6257efdef05a28102699b41e9ab430a8651de51084f77d84acf6c307428486

  • SHA512

    18cda93c7c8670c238147859df4d4ad7bc616900ce5c8a22b025ed87209f22af93b441f02416ef8f97d28f54d6c680f6839f41a8be7f2089f588cb66e05baebe

  • SSDEEP

    6144:/txqTBNoDuwZo3epvI24cA5ryo6tYooHZYaYtMPQC9lA9thH9HpJPj3oKQ:/txqTcuwGIvI24B5rUCHyaQC7erBHPn

Targets

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
