General

  • Target

    d308f5359b93fefdfb3125eade9040bf_JaffaCakes118

  • Size

    678KB

  • Sample

    240907-28hsvstbjd

  • MD5

    d308f5359b93fefdfb3125eade9040bf

  • SHA1

    155bce655d75e34ad5ba0f20b21608c389e43d2d

  • SHA256

    1f2e80b2b5d1ac5f899813e7917e6354e76cd4237674fc3b5a2bc27c920b9deb

  • SHA512

    0c759a3eb051395d6976a67d37a4f6c11638d458a337a0be49872deea05e53596df81d5831d9dbf178aad54ac89e2d61f5df83c8b275c78d3aa95158246b3444

  • SSDEEP

    12288:3W+Dfhg0cvd5JIDRT+w1c4X1iVvXICgr+pNNbnEAxfuM:3DJnidcDRTF1/QvYLi/NTxu

Targets

    • Target

      d308f5359b93fefdfb3125eade9040bf_JaffaCakes118

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
