General

  • Target

    2024-08-28_ee6153962df95a7551f4489c548dd9dd_mafia

  • Size

    2.1MB

  • Sample

    240828-z8l46swhqd

  • MD5

    ee6153962df95a7551f4489c548dd9dd

  • SHA1

    c25b5715b706f2d9246273b9cc276c41ec3ebd74

  • SHA256

    25180d9269d4e655920f01df6edd948ea67c55f26f520889bb38e34dd2849d31

  • SHA512

    14891b530f7967615692330be09cee0dfdc116de72ddefb9c907f7e68cdaea5ccc96270e30fe8d489a2ed9f961b56435798462624da136611a25bf30b3422716

  • SSDEEP

    49152:vIrxJQnKkOVHpJYQ6dOVD8uVXKFqJNfzAW2dzhTtI1juDgWjTWcjy98QoYRt7M:vIcLuHpJcdOVDnCYNfzAW2dz1tIRjGT9

Malware Config

Targets

    • Target

      2024-08-28_ee6153962df95a7551f4489c548dd9dd_mafia

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks