General

  • Target

    dcd5569afa621f11e18269a237b4bc200a0b23c97d4f4d54d9fa37234c7d26b3

  • Size

    304KB

  • Sample

    240831-j48jlstfqq

  • MD5

    bccfc2e4adca30e3a9cbbcda655ddd6d

  • SHA1

    0f24afe9fd6af13153851939d1215daabe187cab

  • SHA256

    dcd5569afa621f11e18269a237b4bc200a0b23c97d4f4d54d9fa37234c7d26b3

  • SHA512

    ded2304da54c4c1899907b7a7e0019d71b3520a4962be40184d321a3ec172a35855b8d378358735f733ea36cf4b1437b79436affd34729f5e3e063d9eae8d967

  • SSDEEP

    6144:BlDK4c9oYemLKamoIzSDwjSp3wAjBOS+GAySfdTjHr5T394gNr6Rm0+k3zN/pE2w:jK4c9oWKakuDwjSdwIMSvhWRHr5TN4gX

Targets

    • Target

      b1cbe50c00ba8c397d2eabe9d0c2ebc9fc175455f9a6c9ea0b481f79ff7cab8f

    • Size

      437KB

    • MD5

      9eab5d6f597d5f8492f737140b536bf7

    • SHA1

      dc32cbccab029046c27f4a43be802b9f37fe932e

    • SHA256

      b1cbe50c00ba8c397d2eabe9d0c2ebc9fc175455f9a6c9ea0b481f79ff7cab8f

    • SHA512

      7cee1ce8079f40c1804d3b553b4859b8ab1c6f700b4f637cd72c6702aaa19fe5e64b71f1048faa6a1246892cef482dc46bd6fef0b4b76433b75c31c33a7116d2

    • SSDEEP

      6144:UJVwm2i+mKaN68U8Wdvym8fXZkP/L07IkX/c6MVO4zXUdn1NwBLDmFBF3UN:rri+m/A4Wx3UG/LzARMVO4sNyDm3F3U

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
