General

  • Target

    bc4fdfc216dbd521f810b8305e38637a.zip

  • Size

    295KB

  • Sample

    240831-f9fh8sybkc

  • MD5

    b36a0894017d6391938fbf6639ffba90

  • SHA1

    23c39ea6a4750c560a195ae96bbfcc8298850d5d

  • SHA256

    5044679442b15f0bf4197d73b3ca20f1cc247ab62846662cacdc68bb94ebeb51

  • SHA512

    d806692c342cc3452a853cf6c1aa17dffa74a79a7cbdb805aa79032091bf9b4ab8e41b1a8bc027a0c266915a80d4872ea2deb78390751d76ce3afa3e607d30d3

  • SSDEEP

    6144:Dzmz+0oYIthJVYNyeyRGU34Y18RA9RKOChDHtTCYon4q1QSiO1PTgk:/mz+btjVGyTAUR8W9RKOEDNeX/P8k

Targets

    • Target

      19bdba4c02f3e286b2d7047e76e25aad356748edcec95e37634face159894eb2

    • Size

      417KB

    • MD5

      bc4fdfc216dbd521f810b8305e38637a

    • SHA1

      69abe447bae71e7a0b481f922de4b6161fb8989d

    • SHA256

      19bdba4c02f3e286b2d7047e76e25aad356748edcec95e37634face159894eb2

    • SHA512

      1d301bd8087402b829152c984440d0e684a504ce3f09772e2ddb998d2e2881041485674650146328776c2ab09bcfe2359fcc119c9184c3e5996da4dcd296f395

    • SSDEEP

      6144:HSpwTEOzPSK5U2SoJ8VWackFV1ZmXRWLgKocUq8nOfaIROo71YvK09lw+45B:y+IK5U2SoysGmwLQcUqgsPBYv745B

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
