General

  • Target

    e200416752b723ab950f3ad45ff2cf57_JaffaCakes118

  • Size

    456KB

  • Sample

    240915-jjtjystamn

  • MD5

    e200416752b723ab950f3ad45ff2cf57

  • SHA1

    1370da9de82c8f925f7a4847690174ae63632a10

  • SHA256

    1c103e21ab5ef37dd8cc4fe58d860c63c769bb6461bca2db1872aff88623e30c

  • SHA512

    01fc07300853bd57c324069fc5217e2acb3489c007dce1c9e04ef8447e1454f90682650563509be692fa7ae867fd5d62957f9994966cd9f5aa491bc6825c6fdc

  • SSDEEP

    12288:Qhz2CTUSJwndhZtpCa+7X5ahlJ3zZUPKN:45Tjak5ClJ3WPK

Targets

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
