General

  • Target

    dc26d44b77476f9e2149c725b15eb5d3_JaffaCakes118

  • Size

    417KB

  • Sample

    240912-k6ws9szhnl

  • MD5

    dc26d44b77476f9e2149c725b15eb5d3

  • SHA1

    ad23d08ac189620e0271cf6da8d6356f181f583b

  • SHA256

    f7a9035f23ed732614de7faf431cf6b2ff8920fa6e03e3073fd32db28156b679

  • SHA512

    080d598e8b8454fc9e70a180ed0759993053b0bfd675d3f87d55de11a68bebae79ab7c05e6299e6284beb88375308e4af930b3f9c1ca54049eb7942f4c323c6c

  • SSDEEP

    6144:kSpwTEOzPSK5U2SoJ8VWackpV1ZmXRWLgKocUq8nOfaIROo71YvK09lw+45B:T+IK5U2SoysymwLQcUqgsPBYv745B

Malware Config

Targets

    • Expiro, m0yv

      Expiro, also known as m0yv, is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks