General

  • Target

    cb59f7e129e7baecf4b3d8079935acbd.zip

  • Size

    314KB

  • Sample

    240831-g1g65szcra

  • MD5

    4ab036be6bf8453f407116fd55a1bfb1

  • SHA1

    ac16ff51812041dff16b78378c84eb293809d1b0

  • SHA256

    db995155e3c379737420b09a8bbfd5258decf96eb2347c3a82cb52ea7f9c8075

  • SHA512

    adf33635ede330962d11152f0abaa10238fa67d8327c8925b28427619d8e9a169e6d48392cad6c852654504c9bfc86849566bbdb97d48726029548a80591c074

  • SSDEEP

    6144:hS7n7O0ucDFYCoVcZln9qp8tte/87bLfRT4ZE8YnxwrZVtHXf7vODPtExuu0:gz7OKoVcn9qpstVGZE8YnoVN72PtFx

Malware Config

Targets

    • Target

      bf62e855c7f4eebc89466099b5ef70778e5dcf551e079a405fb531b8dace8798

    • Size

      457KB

    • MD5

      cb59f7e129e7baecf4b3d8079935acbd

    • SHA1

      c11aab2d305ed4d61ce22c0a511755fe1f6382bb

    • SHA256

      bf62e855c7f4eebc89466099b5ef70778e5dcf551e079a405fb531b8dace8798

    • SHA512

      c919420c2ee8284ed2d59a4a6cf17cd25015ce0bb775fe40b1dd654dd34e0528da96b6464f5c38ff30f53448093923612daac4650f9d6afd8310979e99b01f01

    • SSDEEP

      12288:bchn3w0GvksgzBsF5jZLbCHp9l5yKCZfG:Qhn3w0GvJCBsLj4dyKCZf

    • Expiro, m0yv

      Expiro, also known as m0yv, is a multi-functional backdoor written in C++. The family also spreads as a file infector, appending its payload to executables on disk, so the detected file is a carrier of the Expiro payload rather than a standalone dropper.

    • Expiro payload
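      A practitioner who obtains a copy of either artefact from another source will want to confirm it is the same file before handling it. The following Python is an added example, not part of the sandbox report: it recomputes MD5, SHA1, SHA256 and SHA512 over a file in chunks (so a large binary need not fit in memory), compares them with the values listed above for the outer archive and the inner sample, and reports which artefact the file is. It also checks the naming convention visible in the report (the zip is named after the inner sample's MD5, the inner target after its own SHA256). The script name `verify_report_hashes.py` and the command-line usage are assumptions; SSDEEP is left out because it needs a third-party library.

```python
"""Verify a file against the digests listed in the sandbox report.

Added example, not the report's own tooling. Digests below are copied
verbatim from the report; the usage at the bottom is assumed.
"""
import hashlib
import io
import sys

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

# Expected digests for the two artefacts listed in the report.
REPORT_ARTEFACTS = {
    "cb59f7e129e7baecf4b3d8079935acbd.zip": {
        "md5": "4ab036be6bf8453f407116fd55a1bfb1",
        "sha1": "ac16ff51812041dff16b78378c84eb293809d1b0",
        "sha256": "db995155e3c379737420b09a8bbfd5258decf96eb2347c3a82cb52ea7f9c8075",
        "sha512": "adf33635ede330962d11152f0abaa10238fa67d8327c8925b28427619e8d9a169e6d48392cad6c852654504c9bfc86849566bbdb97d48726029548a80591c074",
    },
    "bf62e855c7f4eebc89466099b5ef70778e5dcf551e079a405fb531b8dace8798": {
        "md5": "cb59f7e129e7baecf4b3d8079935acbd",
        "sha1": "c11aab2d305ed4d61ce22c0a511755fe1f6382bb",
        "sha256": "bf62e855c7f4eebc89466099b5ef70778e5dcf551e079a405fb531b8dace8798",
        "sha512": "c919420c2ee8284ed2d59a4a6cf17cd25015ce0bb775fe40b1dd654dd34e0528da96b6464f5c38ff30f53448093923612daac4650f9d6afd8310979e99b01f01",
    },
}


def digest_stream(stream, chunk_size=1 << 20):
    """Return {algorithm: hexdigest}; the stream is read exactly once."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data):
    """Digest an in-memory blob (used for testing without the sample)."""
    return digest_stream(io.BytesIO(data))


def digest_file(path):
    with open(path, "rb") as f:
        return digest_stream(f)


def compare(actual, expected):
    """Return (algorithm, expected, actual) for every digest that differs.

    Hex case is ignored because tools print digests in either case.
    Algorithms missing from `expected` are skipped rather than failed.
    """
    mismatches = []
    for name in ALGORITHMS:
        want = expected.get(name)
        if want is not None and want.lower() != actual[name].lower():
            mismatches.append((name, want, actual[name]))
    return mismatches


def identify(actual):
    """Name of the report artefact whose digests all match, else None."""
    for name, expected in REPORT_ARTEFACTS.items():
        if not compare(actual, expected):
            return name
    return None


def naming_consistent():
    """Confirm the naming convention seen in the report: archive name is the
    inner sample's MD5, inner target name is its own SHA256."""
    inner = "bf62e855c7f4eebc89466099b5ef70778e5dcf551e079a405fb531b8dace8798"
    archive = "cb59f7e129e7baecf4b3d8079935acbd.zip"
    expected = REPORT_ARTEFACTS[inner]
    return archive == expected["md5"] + ".zip" and inner == expected["sha256"]


if __name__ == "__main__":
    # Assumed usage: python verify_report_hashes.py <path-to-downloaded-file>
    for path in sys.argv[1:]:
        digests = digest_file(path)
        match = identify(digests)
        if match:
            print(f"{path}: matches report artefact {match}")
        else:
            print(f"{path}: matches no artefact in the report")
            for name in ALGORITHMS:
                print(f"  {name}: {digests[name]}")
```

      Run it against the downloaded zip and the extracted sample; anything other than a full four-digest match means the file is not the one the report analysed, and a single-algorithm mismatch in particular should be treated as a different file, not a transcription error.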

MITRE ATT&CK Enterprise v15

Tasks