General

  • Target

    76a693274bee28762547daae64483104.zip

  • Size

    314KB

  • Sample

    240831-c14mxs1fkr

  • MD5

    274ead031c7d17044a5f1038f1bf8302

  • SHA1

    6ec4a54b65dbb45d81398c845750140f5fdd36ee

  • SHA256

    872515d22463579a76689be0f034cc12a3627a83177c4d5a6f9ef622647983ba

  • SHA512

    d3fbce9ef31ed14ced2943a0581d72f3d810afa612e47f1d8806c7e2e8f4b5130e35a7c808849d29e91d5cce0f89c51886ac975d75954ca700f7644fdebeaee7

  • SSDEEP

    6144:nx5dUBuh3BG1gJpXQn3S5H+xKWnkC1dUUBIvZ5L9X2gsazD/P2yEr6oi7fn+8Ulf:/h3BGSpgn3S5oKWnFdrBIh5L9RzDmyED

Targets

    • Target

      a6a56dd2a6064870c1df65078f56173b9dd620f770dadc909fa8da4062e6160a

    • Size

      457KB

    • MD5

      76a693274bee28762547daae64483104

    • SHA1

      e76138e11a3bb616ab084f3517335250c573f861

    • SHA256

      a6a56dd2a6064870c1df65078f56173b9dd620f770dadc909fa8da4062e6160a

    • SHA512

      407c597e1beed5ce2c2a23998610cdb755345bc586fc5d738b4fb59f551955c52af7dcd3eac18a794a64ccaff5d1d7c401d6270bf9daec30194df9ee91bb6291

    • SSDEEP

      12288:i3txYm5THviE5X+Tvknp8WYe4YTjU/OP03cdiJ:mP1TH95X0Y8m/4WP0Q

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
