General

  • Target

    d485dca9877888e4d05eb3c9965abdee_JaffaCakes118

  • Size

    432KB

  • Sample

    240908-raxt1szcqp

  • MD5

    d485dca9877888e4d05eb3c9965abdee

  • SHA1

    668810536325008ad8e5d3217c267e9231acfc91

  • SHA256

    721b50e45c8d9037ff40b504d7ca75880f86c0b37881b6a9d60eecf32e283ac0

  • SHA512

    2640fb3652cd87fe7663575d13ff5fb02d9d89aab3771250d9e6c4d7b3341ada233d19eae2b3c4f77353f1c4abd65df6e746cd9e3fd7baabf25750ac80548712

  • SSDEEP

    12288:mUCmZiCI2a5Wu+sjiONPegh44ud1ChP+F:ECIH5WQeOQQ4HuPE

Score
10/10

Targets

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
