General

  • Target

    f160b4aaad518b10dfc712bc54c37d11.zip

  • Size

    293KB

  • Sample

    240831-pp6dlatcne

  • MD5

    00a7baaf0e0a1402a1251422cb9543a7

  • SHA1

    480dc0c6a56853d1ffb86f484d07ba3e957e011f

  • SHA256

    9b1b829a3fcd74fd5665f2149cf3765edac0de6830ec482711e068c21c6af79a

  • SHA512

    84651da389a59b041bf7f8498f3437ff6510b7e79a2be6c1f8924900b39c766eb32e8cce112577e614b7202856442ed325124031ecf41c102f3ca9261ebe394a

  • SSDEEP

    6144:uQoZ+nqE/+BK1d1oR+KJnCxF4qpDFPEv4ILTc4PhTE8nnHnveIc:thqEWQ1kxnCJDGvBTcuG8nHnNc

Malware Config

Targets

    • Target

      a79113aac9d7c76351a1d74e3d46cdac44146323496b85bb4150ae10f108453e

    • Size

      415KB

    • MD5

      f160b4aaad518b10dfc712bc54c37d11

    • SHA1

      e3416bde5791c7f1d362c3df517ccd068b44b21a

    • SHA256

      a79113aac9d7c76351a1d74e3d46cdac44146323496b85bb4150ae10f108453e

    • SHA512

      be0fdb8877f19d39a93ea1903149aba7f42c1a67726134b8d7b65670b8b3a19714703e920f160821c5a85d6a7899b1f9af8d1db4e21e674fb6af2a35b48c4c0a

    • SSDEEP

      6144:rT1oMahvpafezhv/Kf26N/tj9vRuVBhmkCTMU7z0pWL72uRTvBaWL:LaOmzhv/c910cnTMiWUR7BRL

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
