General

  • Target

    cd990e6517184e2e3b644768fa0290d1.zip

  • Size

    300KB

  • Sample

    240831-g58vnazeml

  • MD5

    fdc3fd7b77166e26713e60cfa0769a0b

  • SHA1

    20f29e73c0bd2c2783a535bb5a14f4cbc8209080

  • SHA256

    80fbe5ed42c7abc99978959b61f23874791e0f3ee1688190f45d80eb02fe5d6c

  • SHA512

    2a2ea1fd2f7014932e923939bead2a90f361503fcf8cb6a5145d0ee0b64670459150886c324d41739e6dc536ab7c3e2fceb9c447731f5282d805e0ca29aa8caa

  • SSDEEP

    6144:ogjwtsOFThcWrnEjEPj83QNPjXy3YUTqTEg0sXJZoiRhwi78W:9Uts4ZQg1jXw1mTfJZNvwK/

Score
10/10

Targets

    • Target

      8b10c02ef7085cf46fa555644b72a1fbb6c6f4bfe538ae8c9729cbdc6b60f7f9

    • Size

      432KB

    • MD5

      cd990e6517184e2e3b644768fa0290d1

    • SHA1

      19aeb7f4aace5b6170d9729674e75835a2b7ddfe

    • SHA256

      8b10c02ef7085cf46fa555644b72a1fbb6c6f4bfe538ae8c9729cbdc6b60f7f9

    • SHA512

      d590427d9209e2fa45afdb2881155b5319d48222dbe558b97045a525a26d9ea843b4da06cd29c437d7b48e2d772104bcf8076d8902fb5c77538f0e346801b269

    • SSDEEP

      12288:zUCmZiChjaD5ZygpfYFo0LWwdgip9TXRgm2:dC5aD1wFwogiHTXRgm2

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
