General

  • Target

    3acd3697cb4c6a2dd4426380acc277e7.zip

  • Size

    295KB

  • Sample

    240831-lj35haxark

  • MD5

    442bfd686e97249f07b503608b3cb6d6

  • SHA1

    7b8bdf600a663e7c83443a131523267552cf17dc

  • SHA256

    f30bf648400557b10c60a35c11396bebab932a530993a7718b88c75732aa9811

  • SHA512

    f503107d5e60c370bf9a8dfe3a834bd1e7a11fdc75ff3440fc27ff77adb8f212cc5edb2385d670821d779b9bc63b35f900bb8f65d6caa0159671b1446680321f

  • SSDEEP

    6144:zlCtzTjfECL3ONRymJRRADJ8blHcyV2T10J2M6yP/FfCIAWf86:zlEjEC8oWl8yV2CJ2py35W6

Targets

    • Target

      3d9f1de39760d512dbddcab1e75364290cb0ae62a1d9d57493c59412678e349b

    • Size

      417KB

    • MD5

      3acd3697cb4c6a2dd4426380acc277e7

    • SHA1

      216f64f99559602631872efa71a3499ef395710a

    • SHA256

      3d9f1de39760d512dbddcab1e75364290cb0ae62a1d9d57493c59412678e349b

    • SHA512

      f258c3120300e8d92d425f82a993df044c434662fb876d6497160e607111850f85caec4b99784a30dc99ccf5b7236c13d87d0172891b8d00771eea2f391a01bf

    • SSDEEP

      6144:6SpwTEOzPSK5U2SoJ8VWack7V1ZmXRWLgKocUq8nOfaIROo71YvK09lw+45B:N+IK5U2SoysomwLQcUqgsPBYv745B

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
