General

  • Target

    0fb9f47f7c4b82822bd30a50d06d8850_NeikiAnalytics

  • Size

    604KB

  • Sample

    240509-2brz9shh7t

  • MD5

    0fb9f47f7c4b82822bd30a50d06d8850

  • SHA1

    97b1ef7d4e5f4ed61f116ca76d6e058caedbb851

  • SHA256

    a90cf61053cb1865f8166bf4ae9c71feadf4062be6407b6a979dbfcaba2b8f06

  • SHA512

    0e55b548a3234c517a4efafaa7fd8ae8f91fb1d492e4abaeb6ab4ab3064332e6d02cdcb0a0e0b8515fdca94486d25e84d2ed23eb74409afcf04b828c7ea8e1a4

  • SSDEEP

    12288:vF9vt8QBhGx31IoOZlYSMV3/5dXvWQI6L4RuSvR0mqV:dDhG31IoOPnU3/P/WQI/vSmm

Score
10/10

Targets

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
