General

  • Target

    53113c30fb029e7731f00d3ad950873d.zip

  • Size

    300KB

  • Sample

    240901-hjjt3stgqn

  • MD5

    3536a2d1dd902f77ce2ebb5b3cb44bb0

  • SHA1

    e3b69bfe2c1e4a313f6907cab0ae0f9280386077

  • SHA256

    83295a0f550bcfc7de30d56cde1f3036fc5dd5c0b0a8f8ce3b201c6959be9246

  • SHA512

    85ff3fb86a444da1e04b36b479720a4d50533919eb1c903380dc54f8a007f2d4f07e9183a532524196584af5ae46ae82fda21b3ee34c1d4bb8f4ab3f2ab43682

  • SSDEEP

    6144:75o/Rb8aW2TOioRh9hnoiRSClEXBIA2KDVpPrZAJIuNsbCkJ/iD:75oJIaXVoPzoeCXYNsbCA/A

Score
10/10

Targets

    • Target

      0fe995b416f681c00a23591cc5581db40da54747a87da1290a23e646e2ff32d3

    • Size

      432KB

    • MD5

      53113c30fb029e7731f00d3ad950873d

    • SHA1

      b4bee0820ac31b6e5e1f9b35e0cdbad20342c4ee

    • SHA256

      0fe995b416f681c00a23591cc5581db40da54747a87da1290a23e646e2ff32d3

    • SHA512

      8fa5a1bc77398b61d63b3fbab00e6afa5f60d4a7fafe318e515edc55e9b9694bb2fc17f848fe566fc1adc0e5b4c69741a49329784619633cc8b538698e5c62bf

    • SSDEEP

      12288:rUCmZiCZA4vtD+C+N4Cu6xZ0XmEI1KdukGzrzKQyfW5:lCZA4vtKC+N4Cu9mE78kGzyQeW

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
