General

  • Target

    da6415b0570d65eb3ea454f1a6f43d43_JaffaCakes118

  • Size

    417KB

  • Sample

    240911-p5xrds1hpb

  • MD5

    da6415b0570d65eb3ea454f1a6f43d43

  • SHA1

    4153e0f041e3b43aa826fbde38a06c004c93e0f3

  • SHA256

    13440e75012aa7b4f09dd21a38ccb9b0a57abe4a02a09fa95ea69cbfdfb07cb6

  • SHA512

    bbc8076de6cb3f9623c886eea216c14b5325494403e52c5d15ba90034287386f826d751756de0c56eda9519fec64a4937241c332d56065fe36dccf89c13f2cd5

  • SSDEEP

    6144:uSpwTEOzPSK5U2SoJ8VWackzV1ZmXRWLgKocUq8nOfaIROo71YvK09lw+45B:x+IK5U2SoyswmwLQcUqgsPBYv745B

Malware Config

Targets

    • Expiro, m0yv

      Expiro, also known as m0yv, is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks