General

  • Target

    d2c296d36ab30e4801327b3e2e414670_JaffaCakes118

  • Size

    7.3MB

  • Sample

    240907-y4d3bssglr

  • MD5

    d2c296d36ab30e4801327b3e2e414670

  • SHA1

    ef90e00c2ea0c9a1daae765d79fb59684299b338

  • SHA256

    20f1bf60fe276a7da30d797dc4237545313f982d6b0cb3009090731ffccfde7c

  • SHA512

    e4191f43786e23ae847d4163fcda19767672b455e73d787e2cd443b2f93d568620d6f42f07f3edbf792d47bdef43ca8d8ed69cae441c412e78b297d5e25d809c

  • SSDEEP

    98304:4xC3ud6MOIvysiwCQKzo5qphIHVruP3WpF3UdE1hZHEdLFWmil+:TGQFMkhgJuP32+dmhZk/c
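To use the hashes above as indicators on a host, a responder wants a check that compares every published digest, not just MD5, against a file under investigation, and that can at least sanity-check the SSDEEP string (its format is `blocksize:chunk:chunk`, where the block size is always 3·2^n and the second chunk was computed at twice the block size). The following is an added example written for this page; it is not tooling from the sandbox or from the Expiro authors. The sample bytes fed to it in the test are constructed and are not the analysed file, so the report hashes do not match them; only the format of the SSDEEP value on this page is checked.

```python
import hashlib
import re

# Digests exactly as published in the General section of this report.
REPORT_HASHES = {
    "md5": "d2c296d36ab30e4801327b3e2e414670",
    "sha1": "ef90e00c2ea0c9a1daae765d79fb59684299b338",
    "sha256": "20f1bf60fe276a7da30d797dc4237545313f982d6b0cb3009090731ffccfde7c",
    "sha512": (
        "e4191f43786e23ae847d4163fcda19767672b455e73d787e2cd443b2f93d5686"
        "20d6f42f07f3edbf792d47bdef43ca8d8ed69cae441c412e78b297d5e25d809c"
    ),
}
REPORT_SSDEEP = (
    "98304:4xC3ud6MOIvysiwCQKzo5qphIHVruP3WpF3UdE1hZHEdLFWmil+"
    ":TGQFMkhgJuP32+dmhZk/c"
)

# ssdeep signature: decimal block size, then two base64-alphabet chunks.
SSDEEP_RE = re.compile(r"^(\d+):([0-9A-Za-z+/]*):([0-9A-Za-z+/]*)$")


def hash_bytes(data: bytes) -> dict:
    """Compute every digest type the report publishes for the given bytes."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def match_report(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm comparison against the report; lower-cases the expected
    values so copy-pasted upper-case digests still compare correctly."""
    computed = hash_bytes(data)
    return {name: computed[name] == expected[name].lower() for name in expected}


def is_sample(data: bytes, expected: dict = REPORT_HASHES) -> bool:
    """True only if every published digest agrees (a single-hash match with
    a disagreeing stronger hash would indicate a collision or a typo)."""
    return all(match_report(data, expected).values())


def is_valid_block_size(block: int) -> bool:
    """ssdeep block sizes are 3 * 2**n for n >= 0 (3, 6, 12, ..., 98304, ...)."""
    if block <= 0 or block % 3 != 0:
        return False
    q = block // 3
    return q & (q - 1) == 0


def parse_ssdeep(sig: str) -> dict:
    """Split an ssdeep string and validate its block size. The second chunk
    is the hash computed at double the block size, which is what lets two
    files with neighbouring block sizes still be compared."""
    m = SSDEEP_RE.match(sig)
    if not m:
        raise ValueError("not an ssdeep signature: %r" % sig)
    block = int(m.group(1))
    if not is_valid_block_size(block):
        raise ValueError("invalid ssdeep block size: %d" % block)
    return {
        "block_size": block,
        "double_block_size": block * 2,
        "chunk": m.group(2),
        "double_chunk": m.group(3),
    }


def check_file(path: str) -> dict:
    """Convenience wrapper for a file on disk (reads it fully into memory)."""
    with open(path, "rb") as fh:
        data = fh.read()
    return {"matches": match_report(data), "is_sample": is_sample(data)}


if __name__ == "__main__":
    import sys
    for p in sys.argv[1:]:
        print(p, check_file(p))
    print(parse_ssdeep(REPORT_SSDEEP))
```

Run it as `python check.py suspect.exe` on the host; a true `is_sample` means the file is byte-for-byte the analysed object. Because Expiro is a file infector, a clean `False` across a directory does not clear the machine: infected host binaries carry different hashes from the sample, so hash matching here only identifies this dropper, not every file it may have modified.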

Malware Config

Targets

    • Expiro, m0yv

      Expiro, also tracked as m0yv, is a polymorphic file-infecting virus family that appends its code to PE executables on the compromised host; the injected payload is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks