General

  • Target

    c3ce7e8eaccba1a9ceecba3b3c0abd1e5a64572dcf6f20208f23e5c1f2666a95

  • Size

    404KB

  • Sample

    240521-pgkf6add67

  • MD5

    db4975c203b55a7798409f560f02765b

  • SHA1

    014b59f21635afb28ca7be421ff75982d76b2985

  • SHA256

    c3ce7e8eaccba1a9ceecba3b3c0abd1e5a64572dcf6f20208f23e5c1f2666a95

  • SHA512

    bf4287d9bdd610b8118f502a8d08aeba901fc52ccf2fd93ccb14bb703e6fe8a1777b507e3be55f4c1485dcbcf61575fb5f2fe73c28deb0634769110a75f8c784

  • SSDEEP

    12288:D6P/aK2vB+hD/K8HutW+5Y2CmkteQI0Dqf0:DOCKABYmjpePnI0mf

Score
10/10

Targets

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
