General

  • Target

    c4cc29108ef8565e5251c56047586e20.zip

  • Size

    295KB

  • Sample

    240831-gmjg2syfqa

  • MD5

    90223053881f94e3bcb5fb6aa394ea3e

  • SHA1

    ddcb4f072e73147602d9382b3752057295bafb3f

  • SHA256

    fd803509cebeb8fde6b4e36a62b7b3400572bb74dc55521324caa849730a14bc

  • SHA512

    f94eaa50be0ec66a1c546d4ecedbce82e687acc2e1fa4b8538888c69d85c0d6a585a93d6c23a4c9527d41f03b954d912994caf0a9c3fbc962a3cd40f35df575a

  • SSDEEP

    6144:2Aj68kkWvtVG+h/OxYTq934LK7LghSsZuglutXmP/B++ummQroAGW:RjDkkATG+EQqCVhSstlOXm34rmyA9

Targets

    • Target

      ecf1c18fd8e00059f7408f943e96f73aa08839601eec0bc2588fcb3e9c29d137

    • Size

      415KB

    • MD5

      c4cc29108ef8565e5251c56047586e20

    • SHA1

      290a6b8d1d2b745d3a61be322ec9b729d5ba844d

    • SHA256

      ecf1c18fd8e00059f7408f943e96f73aa08839601eec0bc2588fcb3e9c29d137

    • SHA512

      ecdeaf0f4860bfd70ff9378485a3e952e9fb6eafca64c300b0cf24779357350814662f3648804021651a51f4fafd174a69dc796695c45f01c17efae89ca80477

    • SSDEEP

      6144:pryyKsi2/CGBfHYTbILiniQCLZ4jekjEXL6cbr/mgppj3l3s1LOsoYYL2Ta0cI:pryyKsiWrLitCL0Or/VpprlkOsc8a9I

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
