General

  • Target: a4e5f1e7b92724a85597335c940a8619.zip
  • Size: 293KB
  • Sample: 240831-e7t36swdmj
  • MD5: 24b622f9f668a2f61332f25891d4e17e
  • SHA1: b8d38606a0011a1e7ce796de8d23dfd0ab6b2aed
  • SHA256: 37fc923f5c9d98bff902d465e93f84d0b1f1448648b5dd83c522b0a74c7bc608
  • SHA512: 9b261fbd00a41f4b0346cd556c8a0b8df95ff82829aec5c7a3d630996019533048c399e61319f569fd2b097da6228d41007ecaf6d2a77b66856668f8da430b97
  • SSDEEP: 6144:wdxEz+qNvgQe9XhoBj/rRuDJ3as5mV0f+avRXzTUr:MY+4vheXIr9uD1m3mRjTi

Malware Config

Targets

    • Target: e6e76e326d39cbe942d69f7d27cfa23355ddeb710a1ab7a29515cf0a001ce1b8
    • Size: 415KB
    • MD5: a4e5f1e7b92724a85597335c940a8619
    • SHA1: 1eab9b3ef1ddaea70b58186f19ddb085a2b1f44f
    • SHA256: e6e76e326d39cbe942d69f7d27cfa23355ddeb710a1ab7a29515cf0a001ce1b8
    • SHA512: 2fb1c17603b5d5f192ea7e21e2c796b8f8d2d3b58e7eb91d8b7f2d1d34ec73bb4458acd54254574062cf95bdbc068b2de671993bf2bf45d844c67112fa9fbb60
    • SSDEEP: 6144:nwb1DRS9TABkzG/9caUsOY/S3kz0fRTRLj3WCbFdm71RRynlCRoQxT:wb1NSkkzk9caLVekz0nWG6yoRvx
    • Expiro, m0yv: Expiro, also known as m0yv, is a multi-functional backdoor written in C++.
    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks