General

  • Target

    000ed87c70a47009f759c67c86927398.zip

  • Size

    314KB

  • Sample

    240831-keze3svbqj

  • MD5

    0d43027777d17d3c02276949eea774ee

  • SHA1

    075b66c25f8026820b9a8094d078e4f563c06ee1

  • SHA256

    bd6ec3c80a8245858de0119f3660f664002d935f63a2e4b72255ecb14593ccd5

  • SHA512

    56f776543987e92cce83c4ea001ffc5e7bf88fbaff911f2ea212637cd659e53a03f9fa17e751840d01a1661290d4df8a859c84b27961cb31f1434fe30bd4bef8

  • SSDEEP

    6144:rK0nHX9lwdr3Bxn5Fz/HGj6Qa/W5cy5iKNygOD4smRdbuF1VfFCILa/IF:WK3AVBxnDTGj7OWOuiK0/D4ZkHdCI

Targets

    • Target

      2eec3f94af5de95d6b559f3bbdc070b49520bedf19542754fc23be2ad806121e

    • Size

      457KB

    • MD5

      000ed87c70a47009f759c67c86927398

    • SHA1

      5f6c66b7a2cff22f837043555691051b36820305

    • SHA256

      2eec3f94af5de95d6b559f3bbdc070b49520bedf19542754fc23be2ad806121e

    • SHA512

      b9f4ef9a314b50b5d64e6da92fd7dbb9c1f2573f73ffe5852c944e158698dd808f51a10166d6a1d294dab4a4abcb530f2502e3dc89708162657b567a33f0d6b2

    • SSDEEP

      6144:JZZEOK99kXunypImn4rXQ0fam90z74M2BCw2jYdQnjTqppcmJt7ZDyJf/UrfoJ:JLUypNn4rbf50O2jqpcmJH2Jf/Uc

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
