General

  • Target

    8ccf0eac79f70e80f0e68b3290d201e7.zip

  • Size

    300KB

  • Sample

    240831-d3q1aatcnd

  • MD5

    e58ea72b092f5b22727e7e1d37906c7a

  • SHA1

    508d32603d2bacaa4e7d9627051d082ddba50787

  • SHA256

    156f95563086796b62946067a0d2f1fe5b1388cebaa89267e25a5027587f76f7

  • SHA512

    078fed0e414b9d7dd56bd3ec5b796b25a8573a58519ca7cd8762723fb8f69799193a33891823bead3a56dd1986be95c325838ece166da8e5ce1f3b1751db969e

  • SSDEEP

    6144:Wd9gr/hoDH9oOVZ59/Dveguzn8kVWAMDyPCqy97L0HY4vKCF6:29epoj9t5Bj2MD2CFLSzF6

Score
10/10

Malware Config

Targets

    • Target

      38c7c3bee11aa52486796d79108d862c0e3ac6c77d325e68de962df9927faf75

    • Size

      432KB

    • MD5

      8ccf0eac79f70e80f0e68b3290d201e7

    • SHA1

      f0b8e8cd862f799f237daa84d9c578a2c366f694

    • SHA256

      38c7c3bee11aa52486796d79108d862c0e3ac6c77d325e68de962df9927faf75

    • SHA512

      0d9016cb5f785cb9d72a6fec2270458a19eb3846f7ad97765e2277e60178da1d32dbf7199c1d08c6ccd5b17ad3bde7288d5137fef430e62d57749b7e6df41c2a

    • SSDEEP

      12288:ZUCmZiCDmZui5vT7HfjjpPukBUbKtKM3j:jC6uuHlgKsM3

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
