General

  • Target

    cb6228336699f30911dd1c20c45f03af.zip

  • Size

    314KB

  • Sample

    240831-g1hsnszcpk

  • MD5

    c1cac9feaad805e638b8c36a1f77853e

  • SHA1

    a33eb2567eddf899cfa4b6f2bb72fa7f46a91702

  • SHA256

    1f4c2264d67e04be60e79c90f21052ceb1050986332de9979a165a19babfb069

  • SHA512

    22be168eb675754dcddbb955e68ce04e0aab074bd3fcb039f8ebd939879f7f0940ec2c121f1a1ddae8094c4d132ebf10494d960079afa277e089b54a97156674

  • SSDEEP

    6144:GnAF9M5uMQuR+ztdXGL5j+Wn/pJHSWp7e40oZW6yHRqB7vU/:Gom5u1ztJTqDVhCHAB7M/

Targets

    • Target

      9ee4a71c8b68508a9267c165bff3f4b65d2906674d28cb11792c7d621d52f85d

    • Size

      457KB

    • MD5

      cb6228336699f30911dd1c20c45f03af

    • SHA1

      925b3e1b55b71328428712eca9a52744a7ce76b3

    • SHA256

      9ee4a71c8b68508a9267c165bff3f4b65d2906674d28cb11792c7d621d52f85d

    • SHA512

      d315d95c09d654d5514e1281626547a84f48a895407fd08ba977f8debd86f39a4b68f6a5d0ebfb07c734be39d3cd6a507b63a2a3c833af62f7a972d53ea2c811

    • SSDEEP

      6144:uZAEOK99kXqyPj/7Ar9//kfCj12mGWafhOIPUwIcfp9faUERHNKSA+Q0kbTCXVb:uCqyPAr9/s5W8049fa7Nq+GHgV

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
