General

  • Target

    03849662fa11670b89ca9e5583fac00e7fb0fdbb5d97897cf0a1650d3531d676

  • Size

    388KB

  • Sample

    240427-pgcfjsah8v

  • MD5

    e424e9cb9208782f7692a954d079f2c8

  • SHA1

    7d94d743f78bbb397a92a25f4674fcf38b736ae3

  • SHA256

    03849662fa11670b89ca9e5583fac00e7fb0fdbb5d97897cf0a1650d3531d676

  • SHA512

    72f13c7f4de4539db06a02c7d9bb80dbe427a464700bab911328d9ad2b44cd0c14f5e5917985d1a660f092294664e052311958cb5f618dd7e6cce8d36f73273a

  • SSDEEP

    6144:5aiP/aK2h9H/B+nIBVrQE3pnPUBTVrGV2QyKxTbU909+cyb0y7:5HP/aK2vB+IHMmyJGek/U9bw8

Score
10/10

Targets

    • Target

      03849662fa11670b89ca9e5583fac00e7fb0fdbb5d97897cf0a1650d3531d676

    • Size

      388KB

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
