General

  • Target

    ee7da429fe5ec4209b01cfcc8d867cfa.zip

  • Size

    429KB

  • Sample

    240831-jk2a7asfqr

  • MD5

    f977bb8c107fd21c1f406f451adb2aad

  • SHA1

    b8feb9b23fea2aa0f1e4a95a94864717b5ecc8d2

  • SHA256

    48f9f84b900eb50860f735df91bc0c8655b3e4cb00467f2fb784e9b3adc8bf27

  • SHA512

    5e050a196f6c6e99a52895638eb6b94d7f305d35610500e232e3ebed9785a8845d891f7f1c144054e505ebe6c93b54e2449f452228e1ba44f45f48e2179dbbf0

  • SSDEEP

    12288:EQF5NH0xUIOnwk3HcJUqaVfoYPvGNI01H:WqIOwkX0taCYJcH

Targets

    • Target

      54e823e778135245e1ac095fd6af3320dc8235dfdb1f973144ecb5a532ac45a6

    • Size

      738KB

    • MD5

      ee7da429fe5ec4209b01cfcc8d867cfa

    • SHA1

      4640a48f371eb4c8870d5d230f696793bab7ef12

    • SHA256

      54e823e778135245e1ac095fd6af3320dc8235dfdb1f973144ecb5a532ac45a6

    • SHA512

      9bd8e426d89facb295a86d61f6a6238a40148a9adac5e9212bd6157f8626ffb29856aedb67a6f51743d637f31d15f102abb9f90b67a25fb9c4faa47914bc461b

    • SSDEEP

      12288:lAwSfxL/2Dc3jDLLmt0LDQewsHjhWW1d9cMO0qIlp7+x9xhIS2:GGewsHjoW1d9cwNa98

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
