General

  • Target

    f7b827dce8dd3c6fd15a63a15a370206.zip

  • Size

    300KB

  • Sample

    240831-jy3q6stdjc

  • MD5

    35748aee0fde4231efbb9fb1bf99bd5f

  • SHA1

    4790169c88ff19d38b1e1268a2ccce1a516b41b7

  • SHA256

    8398a981b42f9a8d876fd8ee99a16577fbeca65baafd3d3cdaaf35361d3d4791

  • SHA512

    7e5244e7e83d66e653dae76ddeae05bab17042fe62628d8c97106d158aa086dde52160ed594671d982a8282fe06651e0925e23b2d5279ecb72c6c21fc797607f

  • SSDEEP

    6144:MHo5+/gF50mYyP0GlNp1WwB/HZHZ8JMl3A3pghACxx7w6oDQdbh+IgU1/1+F0Wqg:c3/gX0NyNXWwB/HZHqJppQA/QdblgUXe

Score
10/10

Targets

    • Target

      a58f9b92095000612160b11c5a9be8898e9d35e9f3d0df78d9f0cfdb7479edd0

    • Size

      432KB

    • MD5

      f7b827dce8dd3c6fd15a63a15a370206

    • SHA1

      b6076f4bb1b0cece556fe3cbfa3489922f2a44b5

    • SHA256

      a58f9b92095000612160b11c5a9be8898e9d35e9f3d0df78d9f0cfdb7479edd0

    • SHA512

      36699916c62f063b20c2c1de4bda482c4beec074a35949280b2a43456998fc5d31535a051e71b6e3e325440194930b2c0863fdd950a8e57c934757eba168453d

    • SSDEEP

      6144:HFUCmZqoFWC6xeHj8Y88weIExx0LbITWp2g9pDBFjGNPDBvTSrCIiMy1BsgBJ:lUCmZiC5jjIxmx0L311B9mPDB7IiNvp

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
