General

  • Target

    2024-08-28_c51cd8bdcee85f1f42725b94c19c98e5_mafia

  • Size

    1.2MB

  • Sample

    240828-z71k6swhlh

  • MD5

    c51cd8bdcee85f1f42725b94c19c98e5

  • SHA1

    973ab9e7e61c6656bca1702ffecf30bc315f47b5

  • SHA256

    977f336bc2cdd7cbc0bd7cbf94b361c729cf812e233570d06d34c7115c23a1fc

  • SHA512

    a5ab98e9f2398033af70faeb98bf3bf23e8173a5a2b67860cfcd908c8e6de19845796bb121eaa2d56d343de225dc5d285317451ebfe3bc49d73d82934d9567f4

  • SSDEEP

    24576:CqKyxJiDq6HJ+KssDQ6rL0KQ6rL0wgfSEcFkAmqqSxbei:lKeJiW6HJ+eQ6rL0KQ6rL01KEckAmqq

Malware Config

Targets

    • Target

      2024-08-28_c51cd8bdcee85f1f42725b94c19c98e5_mafia

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks