General

  • Target

    ac2518d502fd454de7e3dbf82b1c4bd171e4421cb456ff0d99925f0ea052898b

  • Size

    754KB

  • Sample

    240831-hwj1ls1fka

  • MD5

    3be09ca08e48f3748de68de261c5d4b3

  • SHA1

    879dafd68e1b77e072e9a6ffba24fa9468b020d3

  • SHA256

    ac2518d502fd454de7e3dbf82b1c4bd171e4421cb456ff0d99925f0ea052898b

  • SHA512

    43650bd2ca478fa054a1becdadd00b915c6cb42cf53bac878e13b40721448acc93640b1d697542ab58c767ebbb7a979127d7fb2c4a4d8069b23314099d8cf266

  • SSDEEP

    12288:RATlbRfky6B+mCouSz/ZpBY61+1bdN0fFcord/+RKDeUDLxkiEO/NgHNEynU:Rylbht6BHf5BYw+15N7oR/+EFxjiiX

Targets

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
