General

  • Target

    ebc153e7e315ee3471ea6e3d8c07e9f8.zip

  • Size

    300KB

  • Sample

    240831-s44p4a1hkb

  • MD5

    c3cd009dbe74dc6c9d93f56b3eca8314

  • SHA1

    8d5e8a06fe4b1cb0570a19ed4e928df480178360

  • SHA256

    aee7f4f12df0f15c7f116792c043b0c34822272d13f3a16d8f49b8cb960bb2b6

  • SHA512

    228f58c82c9eb8b29865decd7d92d1992d976723a0d0a1d526a721775a955e91f3c3494f3572558a159916fd69f07eec4bc79727d61f0d9cdc3159f023ee31b7

  • SSDEEP

    6144:CSM5dI4ha1t1f6/CHrhs+l1hyLpaI8Syh3NkUFk193xQT:ma1tl6krhsY1ELpa7NjKP3xQT

Score
10/10

Targets

    • Target

      e5dffb10478be0abd56242cc8e383f62b48601c5806a2288dff02867e49f95f4

    • Size

      432KB

    • MD5

      ebc153e7e315ee3471ea6e3d8c07e9f8

    • SHA1

      a961e8143a7923b20a588ccda9e3c515ebd10f90

    • SHA256

      e5dffb10478be0abd56242cc8e383f62b48601c5806a2288dff02867e49f95f4

    • SHA512

      e1db59a4b7b38106c9968c481690cf6bb847eaf11c91384867e64faec5f20c9b721977038b1a161c1d91be1e3e0b6c67fca053817c0459ebbf0e3082a992905b

    • SSDEEP

      12288:+UCmZiCM1PoyuoBkhouioO8vaLFHIdPxBBBn3xYt:MCEAycWuTf0FwPPRYt

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
