General

  • Target

    dbf4b92867067cfae411e3944d65e7a4.zip

  • Size

    300KB

  • Sample

    240831-hrj5ta1dpd

  • MD5

    561c2ca34ba52e7461349b024a883482

  • SHA1

    ca5d96915234ac64c14d4c3b281dcea9e966a318

  • SHA256

    bf8ca5e57173136752c37c1727f00164143ed1f8a6eafadd6b62c5e46c67ddc5

  • SHA512

    d35cf04ff051b9e4af472a026f4a205705794a44cf2b0c428770114ed9891cd742166ed92fea41dddb53bacec549f2632fd8b0693b81138e17eaa9a5c232c6b6

  • SSDEEP

    6144:VjI4gpbDk1a1OQc6TV+0BLgoKjxq8mmQ92W5UiDZbGLrwPF6d63iVI:V14bDk1S+agJw8mmQ4WeNrBjVI

Score
10/10

Malware Config

Targets

    • Target

      2b43a9d8b2bc5a0ec4fb7819b8afe251d08c29bfd5c6156cb01a9ee073199c87

    • Size

      432KB

    • MD5

      dbf4b92867067cfae411e3944d65e7a4

    • SHA1

      73d6e9603073c8ef7e1fbfeb093181eb240cff8b

    • SHA256

      2b43a9d8b2bc5a0ec4fb7819b8afe251d08c29bfd5c6156cb01a9ee073199c87

    • SHA512

      296b0aebb89ca1187471cf8df76269afdbb5fdd1f1221dc2acb9550b0719ab2288e093de0933bef5f4eef4ebad51aeed13ad687ddeec6e9b926afe542d74db44

    • SSDEEP

      12288:PUCmZiCj+GlIkK3B3TVpfYFo0LWwdgip9TXRgm2:BCjJSt39zwFwogiHTXRgm2

    Score
    10/10
    • Expiro, m0yv

      Expiro (aka m0yv) is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Matrix

Tasks