General

  • Target

    93a4bb1b1672d07128cc01f98ee00e5f.zip

  • Size

    295KB

  • Sample

    240831-mzwk2azdpb

  • MD5

    6b4eaec66fd22ea68e73f8983c0f9d16

  • SHA1

    fbdd5bae74ae4ba1cd43eb76121a615c3c0c1f8a

  • SHA256

    05de2df1e9fc636609699c34ed21cec85b170e9106ab67ddd79ce84ea59881ce

  • SHA512

    f1a761de9ef5dd34b3ba1ed910ec43b9f0f8ee6ed23586a1ea344b8de3e82d0f9ead2192c72025e4410ec2d8f1c90b3ec774025014630f19a28e1a57aea07f33

  • SSDEEP

    6144:6J4VZVUit/qineTdQuiDTj+IKmPesh5lSnfGSfEm+/0fPbOL0Qx:zQYeTdlyTj+IK0bsfbOLJ

Targets

    • Target

      7ae99c71371709eb39b02255de36dea86a91ac461dba0e04db1dccbfff2f9039

    • Size

      417KB

    • MD5

      93a4bb1b1672d07128cc01f98ee00e5f

    • SHA1

      677dbf9a459b234f9f960bf314b1c13e5cb78bcf

    • SHA256

      7ae99c71371709eb39b02255de36dea86a91ac461dba0e04db1dccbfff2f9039

    • SHA512

      51cca1cc80e2f950e20bfd974e806c4edeb9f67b52ad7685c421fca362cf3df7ae42cb1f803d924a7f788802507b4fa9e5778937710aee6b2deea8e21ba93987

    • SSDEEP

      6144:6SpwTEOzPSK5U2SoJ8VWackrV1ZmXRWLgKocUq8nOfaIROo71YvK09lw+45B:N+IK5U2SoysImwLQcUqgsPBYv745B

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
