General

  • Target

    d8a9f0d845354c105cbcd16dc1057806_JaffaCakes118

  • Size

    432KB

  • Sample

    240910-vpcdeawdqb

  • MD5

    d8a9f0d845354c105cbcd16dc1057806

  • SHA1

    23957007115b861e78c8fc0faa133c60d5a86864

  • SHA256

    1b99523c838ad1461889368bce86d574e78369b37d955ba541baa4115eb371ca

  • SHA512

    42a1d731e59a4cc0d4c9156a3d3d44342e6c6f5a7fc3079aa4ab792f4372a9c785307eab97be772406d780661820ed926d29e2ad612c9cbfbe29f0d71257e92e

  • SSDEEP

    6144:kFUCmZqoFWC6xhS1tdsiHkrkcCmKCmOtPK/mHOPGVzx5IFB3On2Jhho+1KqxYFgp:4UCmZiCiS1DPCa+7X5ahlJ3zZUPKN

Score
10/10

Malware Config

Targets

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
