General

  • Target

    c8961a92537aed3d917662168204cf35_JaffaCakes118

  • Size

    456KB

  • Sample

    240829-lrnpsaxcjj

  • MD5

    c8961a92537aed3d917662168204cf35

  • SHA1

    d9685af8c8f84c20bc6fddfe2d1f9c822ba8af34

  • SHA256

    ab0ed5d9190e85982b505e95e9404a620c6761fa37d73160093fa7584b1409b8

  • SHA512

    c2f8dbbdfb60d3666c73bf0a6af2da67c24ff0ecfda0b025b7a19b032466945a60d482a5ea79fdcee277a2c1a1f8d1c235ec700d0fa4db4d2f857b2fc0790fb0

  • SSDEEP

    12288:BtPqTBNdKcWEbL2Ubr4TgyUbZm6qCs8e/G:mTBNAYbL2Ub8T5geL

Malware Config

Targets

    • Expiro, m0yv

      Expiro, aka m0yv, is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks