General

  • Target

    d62215a7f40f50dc2878ff8c4e987e22.zip

  • Size

    300KB

  • Sample

    240831-n7bq9ssbmb

  • MD5

    760467729687244f664363b4f29d98e9

  • SHA1

    4d0eb6f4a5a1c8fbf655ebb5a217ee591fe5ccd7

  • SHA256

    7293c635f6b0604bff9b624e16c51210ee57a5890e4d53d6c41139679de93ad6

  • SHA512

    faa78c65f1071d4007f23d2dabc03e4e9799810e5c78dcea028201f8b11b824863b9ee83d9751c2f44bc2d6def3ee37cd1f8b9ed5bf99132d5aa6078769a4744

  • SSDEEP

    6144:Ui2n6pNgteegduWQc4RnRVi/EEVyoKHh5L9Cvo0HexSvIFGu:e6JD0WYtRgE3oKB5L9CQoaqu

Score
10/10

Malware Config

Targets

    • Target

      6b38a57e51e727bf24762db2937eb9d60ff0b6ed5ae79b0a6ace17ecca07d4ce

    • Size

      432KB

    • MD5

      d62215a7f40f50dc2878ff8c4e987e22

    • SHA1

      cdd77e2e9c64d4118867d7889391f01bf29ce1e2

    • SHA256

      6b38a57e51e727bf24762db2937eb9d60ff0b6ed5ae79b0a6ace17ecca07d4ce

    • SHA512

      9301f59bcf62447f3ef9bc18ba25582d409a2f73c602f7d761a15c49c17ee451256a0236bceee28ddd943b81fd27e943de878e771a26e0ffcdd7ce038bac74d1

    • SSDEEP

      6144:0VFUCmZqoFWC6xU9Bu022hmaoshHJ47HEmvNaBA8lDQL34mjhjS6eYbKdPXOjvk+:GUCmZiCJBTBjhubaBv1QLoSpSEyXsv

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
