General

  • Target

    c579c237f0f0aeb2c8341c18b45c3dbb_JaffaCakes118

  • Size

    437KB

  • Sample

    240827-wwktsswcnk

  • MD5

    c579c237f0f0aeb2c8341c18b45c3dbb

  • SHA1

    77f8ec8f910fcd6ac556f848cbb6c4fe763bdf9b

  • SHA256

    6c4f04ea129109043a5688d60a468ecc2fd7fe191378fd70edd42e4761f26295

  • SHA512

    8a2e58038b236e2be9cb998df8516fe22b925e9c267451aec782c85196b9bf3288ea76748755b4583f10cbb30052110c96ccbc7104c4b284912f4c8934d1a974

  • SSDEEP

    6144:UKVwm2i+mKaN68U8Wdvym8fXZke/L07IkX/c6MVO4zXUdn1NwBLDmFBF3UN:yri+m/A4Wx3U//LzARMVO4sNyDm3F3U

Targets

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
