General

  • Target

    d0a07561429c8bf2a710ba8f28e88a27.zip

  • Size

    300KB

  • Sample

    240901-rlneqashmn

  • MD5

    81449a0014dd457f68b65b934098e0c0

  • SHA1

    72cef539be5ea200625b276bd6ddfc5178b063ac

  • SHA256

    e8711d28a4a298431ed7f41bc7f1d11838f3554e54980ffc04bd143f3aa21158

  • SHA512

    4e1bf8b8c288c14c65422049fb228d68ad735c6107ae15aefe07843d6ced2aba80f132706aa6c1edef4070c4683aa8c862c5bf7cde4d1103a8991148cfc8fb9f

  • SSDEEP

    6144:V0mhbbXDyP3JI5ZVNGc8eKwElKxFmLLtlpOGH1kmNPgmd:JbHyP3eZVyrxEFm7p9H1kmNPZd

Score
10/10

Targets

    • Target

      da961e2ef259a6989f065c8ccc6197955ac58af48ab37a1db15602754790067a

    • Size

      432KB

    • MD5

      d0a07561429c8bf2a710ba8f28e88a27

    • SHA1

      e5f489a8fd563faab635be2ef33767e77e0b46a3

    • SHA256

      da961e2ef259a6989f065c8ccc6197955ac58af48ab37a1db15602754790067a

    • SHA512

      e540b895e00e8becb584b89a03283b52c188136cf8152c9e843ef4975849384c1d636c8d0b96a1c26ca7103c0fafaef52763abcb2ced443b79fb39d6d8202cb3

    • SSDEEP

      12288:HUCmZiCQMBbM8WKutYYCc8gCzsVILw1ZrD:pCTjWKU7CgVI+rD

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
