General

  • Target

    83daa6fa7913cdd632b984a649eb9e4b.zip

  • Size

    300KB

  • Sample

    240831-mrm9pazajr

  • MD5

    0191610b7794ff60cad995d211cb9588

  • SHA1

    2dcc0afc32db24a32f26ede0a07dfb1cfb24d2ae

  • SHA256

    8a09e57f6b75e8b5ed7cf73063f86005c3ef1e1a9a263c0d0606dec3ac5fb7fa

  • SHA512

    e88c18ae837641c2975801b5da72912736d47e503095c1893cb7f90b3483dff65aeb2ecd6332cf7f77b273e137f8a4a505d449fbf1f61f290ab411416cb342e0

  • SSDEEP

    6144:8kkOmS+IRWBmSeZw0q+rxDyM2MsBqrp65uygVbwWuXb6umpFYLG+aNL:8kkgxBSeZnq4VsBA6uVluL6umpus

Score
10/10

Targets

    • Target

      566352001699fe038a67c317309b9ddf35eca8084a3529d5c290481023614e9c

    • Size

      432KB

    • MD5

      83daa6fa7913cdd632b984a649eb9e4b

    • SHA1

      8293f3d27279ec9d1b710cede7f3bf445cd209ab

    • SHA256

      566352001699fe038a67c317309b9ddf35eca8084a3529d5c290481023614e9c

    • SHA512

      09ac6ba3fe085cb7b0b28d8d91ffcc59cfaf8af9001d7f5ba27fc5a13a788e781e8fb06679c743c43ff3a606f1a33004e605068856229a2351cde5f5b55da192

    • SSDEEP

      12288:NUCmZiCQek4/olT0DUtQc4gZxPYlzqxgJT:fCQek1TCdcFZxIzOIT

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
