General

  • Target

    d48fbbce1ec5a96891a6f555f4387bfd.zip

  • Size

    300KB

  • Sample

    240901-2l6amsvcka

  • MD5

    e69c3f0abdf47b1d0dd70330a06bc409

  • SHA1

    8991452bc9a7e06bbb6535b894f0570d8557d04e

  • SHA256

    6a5954941cd072cffbca509d2010b5dc6f8038fe968cfd114dea0b27341ad159

  • SHA512

    21710813b885fc652bb0129021d9b4a34a5b680f2d71a7c3e5800b424049dfad9f2a0e18698ffc08630cd911d6634aeabe97c5af57694f666241995c5b4dd394

  • SSDEEP

    6144:OEIgAgS0a2+yP5zU524JcmPApZ+TAqdDb3lyMd+1ZA5piCOyVeA5/4do:OEI7B2P5zU52acmP3TAIDpqBU4o

Score
10/10

Targets

    • Target

      dcd9f801d6b986f9ed4707022d65d7cad5db06ff8e85f6b2ec40d7483fb9432e

    • Size

      432KB

    • MD5

      d48fbbce1ec5a96891a6f555f4387bfd

    • SHA1

      81cbc07c2f86c112f61d9ea988185b6542a8b3f4

    • SHA256

      dcd9f801d6b986f9ed4707022d65d7cad5db06ff8e85f6b2ec40d7483fb9432e

    • SHA512

      757cdcedaa38710e0774e8f3db322a4389113d02f2fcd32b64baef38640d616c8b23b3876cf2ff3cf902fe58d57c0b4d75439a274affd187dc14052e08f97ba1

    • SSDEEP

      12288:AUCmZiCY11Gkw/dskakSBYibprEyFPcGcSrkCxwMjrO2:mCk+bQYi6yFsSbxbrO

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
