General

  • Target

    daf3abc968c797bb49ec2e5d0bdac10c_JaffaCakes118

  • Size

    416KB

  • Sample

    240911-wxh2lavfmr

  • MD5

    daf3abc968c797bb49ec2e5d0bdac10c

  • SHA1

    a76f50de0f564f8714b5626cecd59ae02b879053

  • SHA256

    65920de9797700d94dbd6d421232e0ed44d09583e07af1b3c1bbbecc52bc4d65

  • SHA512

    67051d6ff71e53f145527bce7c33dcb28703f600c1160314d72febc8188600d8799f8904c05d3193d0e7dffee7b511dce4010d05175f0b3b725d7f50c97237c7

  • SSDEEP

    6144:PcrDssFNUBoYPU/EqvoIdF18SGbH/TGQju2JPWu9SUiXaz7HI7cO/bD:PwDrUBZPUNvoGF1UHbHycSUrzbgc

Score
10/10

Targets

    • Target

      daf3abc968c797bb49ec2e5d0bdac10c_JaffaCakes118

    • Size

      416KB

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
