General

  • Target

    dc50cf8a3b612bae44e5dfd8661d8c66_JaffaCakes118

  • Size

    457KB

  • Sample

    240912-p3e4kavhpd

  • MD5

    dc50cf8a3b612bae44e5dfd8661d8c66

  • SHA1

    6d2c43b86fee1b9a01e8df796a7b0097cfa39374

  • SHA256

    550567b806b3ea0bb86d2eea6336c99866380f2bb67b07e248591cdab0cf8e94

  • SHA512

    15b5fc87de67fe37e253fdff2ef7db3178f4d7a68f274b50182f4cd9aff96c9b23e91356dedca63ccdd95476fa8d1a379c6482f9a0913367447a33146004a485

  • SSDEEP

    12288:EE4ck+1mkcbLVb8y+VY249DIOLHU7Rx4YwQ3i:3qosCyrVT47RvwR

Targets

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
