General

  • Target

    40e678e7d38a1541c06d16895d75f856.exe

  • Size

    774KB

  • Sample

    210421-glv2eppk8e

  • MD5

    40e678e7d38a1541c06d16895d75f856

  • SHA1

    5faee553c8dc1cc0492d7b8b78329ac56100c040

  • SHA256

    7aa6ba1ed3e72514eac19d8b9ee4f95a17e33b63159bc75bd57ad8b38ce6361e

  • SHA512

    4abce8638860dc80ec23516aba60cd1c87a66c8a98fb62730e042a8f78841afe45fd2c021f15395a06eb0b4b4e6a95809ce0d8d6806f95c2cc516caa7362be22

Malware Config

Extracted

Family

xpertrat

Version

3.0.10

Botnet

XXX

C2

kapasky-antivirus.firewall-gateway.net:2054

kapasky-antivirus.firewall-gateway.net:4000

Mutex

U4G3L113-M7Y0-X0M5-M3D5-U8C7U551Q8Q7

Targets

    • Target

      40e678e7d38a1541c06d16895d75f856.exe

    • Size

      774KB

    • MD5

      40e678e7d38a1541c06d16895d75f856

    • SHA1

      5faee553c8dc1cc0492d7b8b78329ac56100c040

    • SHA256

      7aa6ba1ed3e72514eac19d8b9ee4f95a17e33b63159bc75bd57ad8b38ce6361e

    • SHA512

      4abce8638860dc80ec23516aba60cd1c87a66c8a98fb62730e042a8f78841afe45fd2c021f15395a06eb0b4b4e6a95809ce0d8d6806f95c2cc516caa7362be22

MITRE ATT&CK Enterprise v6

Tasks