General

  • Target

    eeff2ab6ead0a81df9718b2de5d81d08.zip

  • Size

    295KB

  • Sample

    240831-jk4fjssfrq

  • MD5

    a25bf8ec4d7b676e062ea61a8c5103d5

  • SHA1

    e83b60cecda85b2347e08a4a158fd026f19377f4

  • SHA256

    db5184ed3a468a93295670ae4c76395d12db142982390dfd9b465bb62749fe53

  • SHA512

    2534815862b417775980b65cc3bea024531c9595bfbacbd0f92fb1c1dc07373eaf7cf00a656d3308cfa1c4b657ca9da8ce8bcf294de768e86138c5b2a0f77478

  • SSDEEP

    6144:NvqTr3Zn6b8kzAvgOivOimBZWG/t+GEmHZ3Lt7AgJNd4eUdCirFIosHoOK:NyT9njiAvjQOi8HYzOZ3Lpv4dd7GoZ

Targets

    • Target

      212918a42f744a3cdc9c42aae2dd287ad3d33facfc3a85a484f73cad6e592dc3

    • Size

      417KB

    • MD5

      eeff2ab6ead0a81df9718b2de5d81d08

    • SHA1

      5d63253476d72137ab4b191a4d944db5db911343

    • SHA256

      212918a42f744a3cdc9c42aae2dd287ad3d33facfc3a85a484f73cad6e592dc3

    • SHA512

      69a46535869c7116b269696eb41be2999ff76da84f8abe7e4141782371607dc83d4b07a84e1d3418134e86417da549f42a0126dc23d5a39d964ea8495b3513ed

    • SSDEEP

      6144:BSpwTxz8fEYga22UHHXyDArvBIM6zOt3ONgEox946lzmEZYS5+oj9COdbeOut8MQ:I+lAfEYAtHCDArvxeOkjo46hjYJQ0mN

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
