General

  • Target

    2024-08-28_02c13fa580cfcbcc6fe35b81d521fc18_mafia

  • Size

    648KB

  • Sample

    240828-z7wbfsydpn

  • MD5

    02c13fa580cfcbcc6fe35b81d521fc18

  • SHA1

    f8925e0749e76cadab481cc4a8d0e5f5b2f174e1

  • SHA256

    cdf7a743f9317a0f73ba9fc78b7d9c177a745cbd8420dccde629c3e6798b99dd

  • SHA512

    3018a4a2c65c1fabbce5195803891ce5b886376191b824eb7105aaf909ce5c482366a3222b759971fc1b4e7372d264d4c783858adfe7cf6c9a81caee76e81bbf

  • SSDEEP

    12288:v/VsshK7jqI6CTs81vmQGDISbvR28TguvtN1zIFlR3qQ:v/VssujqI6CTr1vfSbR28T//1z3Q

Targets

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
