General

  • Target

    c1b2defc1298a0e03d85da41a023a1a0N.exe

  • Size

    653KB

  • Sample

    240901-1979gatcjj

  • MD5

    c1b2defc1298a0e03d85da41a023a1a0

  • SHA1

    12549e84afeb5abf52eebc6887218bd817acb6a5

  • SHA256

    a97fbb267813e185350c6bf28fac2388b7ec1238cec202f9581de337bbac0e2f

  • SHA512

    0cfce79784d00d8de6cbd8a97159c700012a6f5cd2053c412fb09dd0a5ae46c78955addbd79749bf7f21197d3dd2314f8cf34969a2f76f9c54e4221136b6b4fa

  • SSDEEP

    12288:ZMf7R8B1ElYPBl2UaJgrh7/fVGXNvdCyOvKw3V:Z27R8BilWl2UAgZ0XNv4XR3V

Targets

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
