General

  • Target: 5598432d4bceae719c75c2fcd1fd410d.zip
  • Size: 314KB
  • Sample: 240831-bc6lyawhqr
  • MD5: 36a34a0349c01dad184c4f5537d69ea7
  • SHA1: ec1e661c6ba2e47733bf65c1c74c3e78699687b5
  • SHA256: a4783606bbc17025a47797186b86d4f08ad956ba409070dd2a591fc5c7f0d09c
  • SHA512: 8a24fc434d36231b08ee0d5ad94e1baf7afae1de87c5fb6a4eb08bfe34509b5904703a4c85fa5d393b8b94319604fc58c9dd402d5edf421395fd0bf147dc280e
  • SSDEEP: 6144:gj6R/CHjad7TX8vojs6rhiIOEt+dAWnmWyFdCDTI4K14:gjh67TX3js6rAIXt++WtyFdC3LN

Malware Config

Targets

    • Target: 96bf9018182f9b6df31ff19d686510b622213dc90fb5c45f221dfa7f0d3cfb77
    • Size: 457KB
    • MD5: 5598432d4bceae719c75c2fcd1fd410d
    • SHA1: 7d22ec93b64c1cf0a6e0b1c8dbdec48e5d1e661c
    • SHA256: 96bf9018182f9b6df31ff19d686510b622213dc90fb5c45f221dfa7f0d3cfb77
    • SHA512: d4a7235b065b06373624db354a019265895e3c7e6c6e13da6cc3e19f02a770b27f7d1d99cd22cc7548b69be0302ce291058ab95f6c6786e7071e0da6c25af77b
    • SSDEEP: 12288:qNmfzk9DwdR2mtIwbw1c8vRoPawl3obgpKbaLw:0mfwlwd/iwE1eCw3obi

    • Expiro, m0yv

      Expiro, also known as m0yv, is a multi-functional backdoor written in C++.

    • Expiro payload
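A verification step a practitioner would run before working with the downloaded sample, added here as an example and not part of the sandbox report. Two relations are visible in the listing above: the archive in General is named after the MD5 of the inner target (5598432d4bceae719c75c2fcd1fd410d.zip), and the inner target is named after its own SHA256. The helper hashes the archive and each member in memory, reports which digest (if any) each name is built from, and compares member digests against the values copied from this report. The zip and payload bytes in the demo are constructed stand-ins; the optional `pwd` argument is an assumption for password-protected sample archives (the standard library decrypts ZipCrypto only, not AES); SSDEEP is not computed because hashlib has no fuzzy hash.

```python
import hashlib
import io
import json
import os
import sys
import zipfile
from typing import Optional

DIGESTS = ("md5", "sha1", "sha256", "sha512")

# Digests of the inner target exactly as listed in this report (SSDEEP omitted).
REPORT_TARGET = {
    "md5": "5598432d4bceae719c75c2fcd1fd410d",
    "sha1": "7d22ec93b64c1cf0a6e0b1c8dbdec48e5d1e661c",
    "sha256": "96bf9018182f9b6df31ff19d686510b622213dc90fb5c45f221dfa7f0d3cfb77",
    "sha512": "d4a7235b065b06373624db354a019265895e3c7e6c6e13da6cc3e19f02a770b27f7d1d99cd22cc7548b69be0302ce291058ab95f6c6786e7071e0da6c25af77b",
}


def _stem(name: str) -> str:
    """Base name without extension, lower-cased: 'dir/<hash>.zip' -> '<hash>'."""
    return os.path.splitext(os.path.basename(name))[0].lower()


def digest_set(data: bytes) -> dict:
    """Hex digests of data for every algorithm in DIGESTS (lower-case)."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in DIGESTS}


def named_by(name: str, digests: dict) -> Optional[str]:
    """Algorithm whose digest equals the file's name stem, or None if the name is not a hash."""
    stem = _stem(name)
    return next((alg for alg, hexval in digests.items() if hexval == stem), None)


def mismatches(actual: dict, expected: dict) -> list:
    """Algorithms in expected whose value disagrees with actual; [] means every listed digest matched."""
    return sorted(alg for alg, val in expected.items()
                  if actual.get(alg, "") != val.strip().lower())


def triage_archive(zip_name: str, zip_bytes: bytes, expected: dict,
                   pwd: Optional[bytes] = None) -> dict:
    """Hash the archive and each member in memory (nothing is written to disk) and
    record how each file is named and whether members match the report's digests.
    pwd is an assumed convenience for ZipCrypto-protected sample archives."""
    archive = digest_set(zip_bytes)
    zip_stem = _stem(zip_name)
    result = {"archive": archive, "archive_named_by": named_by(zip_name, archive), "members": []}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            data = zf.read(info, pwd=pwd)
            d = digest_set(data)
            result["members"].append({
                "name": info.filename,
                "size": len(data),
                "digests": d,
                # which of the member's own digests its name is built from
                "named_by": named_by(info.filename, d),
                # which of the member's digests the *archive* name is built from
                "archive_named_by_member": next((a for a, h in d.items() if h == zip_stem), None),
                "mismatches": mismatches(d, expected),
            })
    return result


def build_sample_zip(member_name: str, data: bytes) -> bytes:
    """Constructed stand-in for the sandbox download: one member, no encryption."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(member_name, data)
    return buf.getvalue()


def demo() -> dict:
    """Mirror the report's naming: archive '<member MD5>.zip', member named by its SHA256."""
    payload = b"abc"  # constructed stand-in for the 457KB target
    d = digest_set(payload)
    zip_bytes = build_sample_zip(d["sha256"], payload)
    return triage_archive(d["md5"] + ".zip", zip_bytes,
                          expected={"md5": d["md5"], "sha256": d["sha256"]})


if __name__ == "__main__":
    if len(sys.argv) > 1:  # usage: python triage_hashes.py <archive.zip> [password]
        pwd = sys.argv[2].encode() if len(sys.argv) > 2 else None
        with open(sys.argv[1], "rb") as f:
            print(json.dumps(triage_archive(sys.argv[1], f.read(), REPORT_TARGET, pwd), indent=2))
    else:
        print(json.dumps(demo(), indent=2))
```

Run it against the real download and compare the member entry's `mismatches` with an empty list; any algorithm listed there means the file you hold is not the one this report describes. The archive's own digests (the General section) are checked the same way by passing them as `expected` to a second call with `digest_set` over the zip bytes.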

MITRE ATT&CK Enterprise v15

Tasks