General

  • Target

    c96b193e94a29d19cfe184b9ee48adde_JaffaCakes118

  • Size

    457KB

  • Sample

    240829-xhydeaxgqq

  • MD5

    c96b193e94a29d19cfe184b9ee48adde

  • SHA1

    4083b4ed3988e06ac6abd97cb8176b37f977a523

  • SHA256

    3637eb497d5ec49c35f4310296bb13223f1b3a137530096e62136796727d5001

  • SHA512

    320c0af1285d315b1c05e37a25642156b8ad421a8e5a05595b536f86b3c7b9edcb4d9a20aa4537809d743975e3634ece2952b823ced09157304465190d4bcdb8

  • SSDEEP

    12288:UwCfuQX0yJIgKemq8y+VY249DIOLHU7Rx4YwQ3i:/CmQEyIguyrVT47RvwR

Targets

    • Target

      c96b193e94a29d19cfe184b9ee48adde_JaffaCakes118

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
