General

  • Target

    ca751d2be8e93a84ec6815635b90b5d4_JaffaCakes118

  • Size

    19.5MB

  • Sample

    240830-jv136stdlg

  • MD5

    ca751d2be8e93a84ec6815635b90b5d4

  • SHA1

    78ed09e36cf43c3a1adc52cc7f4e0862885415eb

  • SHA256

    329666ffd3da4182c522530d196d15498ca39801d2c662a26b583eb2b09fd66e

  • SHA512

    a59a5b9f2f073b14a84ab6353a0d205d2353b2a32b722dec84a2db10d65b5c51b4669d1b32c6e825eb705a3878c3643e82bb3b6a4fd5a95f5225cf85b120231f

  • SSDEEP

    393216:tlHZI2hMQdB7H/hUfaCVjTPEtOSNVW8ImMyX5/4BaPBr7rt2Rq:D1M4B7CC2AtjXImNXZ4c5kRq

Malware Config

Targets

    • Expiro, m0yv

      Expiro (also known as m0yv) is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks