General

  • Target

    139335a6096389351c49b2030491526b.zip

  • Size

    295KB

  • Sample

    240830-19mb1ayhje

  • MD5

    2c58deb874cda1a4d8f8ce6d4a2f2940

  • SHA1

    059473478e3537c6b09349bb2963e716e6561b65

  • SHA256

    1e8f4a36c36a4d87d3ad1308e6af25fcc0bdbe07cca1e7bd028da4a49bd2f121

  • SHA512

    8446be91865cc6137a5d4741dbc8ce46300ce30f201105603146105661b71eb5d0fe2c45f020be1c57b5cb8094e8d9a3043792f5786ea975d1371d52481b6580

  • SSDEEP

    6144:rxtapDW57+BSFqbOH4i3hxUU0/wmHisw7wpf8hIUWFJLX55:/8tSFqOH4i3h/aHc4aBWnLX55

Targets

    • Target

      79f340dfdc257db9a48bbea61c4ab902887e86a4889e4ea2cc4ca7ae46883afd

    • Size

      417KB

    • MD5

      139335a6096389351c49b2030491526b

    • SHA1

      ae0d492d54b13d2ac651afec17b7745e2e0f45d4

    • SHA256

      79f340dfdc257db9a48bbea61c4ab902887e86a4889e4ea2cc4ca7ae46883afd

    • SHA512

      4e96595315664afbb0acdede5d3b3355f5008bdd49bf707a40064a76607608a0c081ac3df0649cf1a2286ca2ee8e33ea9ebec2d3ae570b4dacec0c6aebef3adb

    • SSDEEP

      6144:dSpwTEOzPSK5U2SoJ8VWackZV1ZmXRWLgKocUq8nOfaIROo71YvK09lw+45B:8+IK5U2SoysimwLQcUqgsPBYv745B

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
