General

  • Target

    3c1515f5f55282c116ad9ba9547c9121.zip

  • Size

    304KB

  • Sample

    240831-lj6wdsxbma

  • MD5

    adaa59aa6a196951850a4f87d16c8c72

  • SHA1

    3d3a4ba84ecde31539f0f9a4e07869ba68e565fb

  • SHA256

    c5939fd8fc146c4433e8bff31040c4ac880ae69b1afd174be3ca779c3481369e

  • SHA512

    08a6d39e7595186561e7831464693ed5ddd1c1595add4b24d83109434dc8797b5d5f0577dbafed38d113f1c0ebeb857ef5e1130530f41b09d7af0e0554614b4a

  • SSDEEP

    6144:ZjAoWEQBA1XJEA1mg0+ppjN81RVrsZyXzHNtyHoHlE3Mp8ljsNLA:HpXmA1mtk6/VAyztr1p6INM

Targets

    • Target

      369e4db219ce55a7f90c19dedf84081a1e4471b04a9465d664d3985b758569a2

    • Size

      437KB

    • MD5

      3c1515f5f55282c116ad9ba9547c9121

    • SHA1

      41fdaa7f734ffdd38c95d104ed3f3583f9867c8b

    • SHA256

      369e4db219ce55a7f90c19dedf84081a1e4471b04a9465d664d3985b758569a2

    • SHA512

      6fc0c858013c0734e65f410a8cf0406e3953ef2d3edc07209c67744fa13b22295ec6bf03c551aa593f839d14caffe260c9410bb26fa8c692c8855446892e7dca

    • SSDEEP

      6144:UFVwm2i+mKaN68U8Wdvym8fXZk1/L07IkX/c6MVO4zXUdn1NwBLDmFBF3UN:Lri+m/A4Wx3Uo/LzARMVO4sNyDm3F3U

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
