General

  • Target

    da5f5fea7134bd2f3b03320903362620_JaffaCakes118

  • Size

    457KB

  • Sample

    240911-px6z4a1eqa

  • MD5

    da5f5fea7134bd2f3b03320903362620

  • SHA1

    b255c7ac72b52b4432236c7d1e59c12e9e3b5b2a

  • SHA256

    885c30f00ab982c58813c722b9cc864f46f224a4a0986cb1b29408336deeefd7

  • SHA512

    7d9fd0929fe18ab771c4f4378e705cdc7ceb9f271caacf4742b85214bbcdee56512e4c8cd5f8ae82a20240f1d599046d7d2e661ad42f3a3222b35184bc550efe

  • SSDEEP

    12288:lcR8mi3n/zcrVKjexaN+2W3hhRpyUBtdutCnv:i+F/vaMmjdb

Targets

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
