General

  • Target

    cfb680b75110fd33ad91fa708e376e43_JaffaCakes118

  • Size

    738KB

  • Sample

    240906-rgbv5a1ejb

  • MD5

    cfb680b75110fd33ad91fa708e376e43

  • SHA1

    19cb2cdfebd5fc3e8f46c292fad6bd84f63e076d

  • SHA256

    60f342256fc624085c433ebd75418caddb9c0c3079f00b1ff3ffeb3c900f6dce

  • SHA512

    164fde0a6d9d6b055e2394cc9390db165af5a2a1d66a706c0ca5e1cbfff8d3cc854a801c1838631178ad935cf2d1600eb11c3c9c37f21a1aa88874b19d72b802

  • SSDEEP

    12288:LAwSfxL/2Dc3jDLLmt0LDQewsHjhWW1d9cSO0qIlp7+x9xhIS2:0GewsHjoW1d9cqNa98

Malware Config

Targets

    • Target

      cfb680b75110fd33ad91fa708e376e43_JaffaCakes118


    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks