General

  • Target

    8889eea977f95845b822af11aeb958d8dcce97c583c7482b1ea6d3c1d1df7b24

  • Size

    586KB

  • Sample

    240828-akqp1szbpn

  • MD5

    2d3979f24796b7a7675d300a9e910e23

  • SHA1

    f92e950914e0ea344f1db40f777147467ddae5d4

  • SHA256

    8889eea977f95845b822af11aeb958d8dcce97c583c7482b1ea6d3c1d1df7b24

  • SHA512

    b7f4db9d57835f813b43a52e3c43646d628c26e42587b9dae87064ccafd2cc9e2a20d0eeec8294f37e55e098c2092e9cbd3f4e5c031aa5d15158fd8287ff0d46

  • SSDEEP

    12288:1AblbRfky6B+mC/3m3rCnc2K5Q2CLrbDy3/+4:1mlbht6BHg7c2KSjXD4h

Malware Config

Targets

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks