General

  • Target

    65c383163064e7db7c8246480a343ea5.zip

  • Size

    300KB

  • Sample

    240901-tzjd2awbpm

  • MD5

    7b1cfc205ffdcb1be4ec9244240395f9

  • SHA1

    926818b500a377b84d452d92d2b53e43859e6ce0

  • SHA256

    9dd8f9d5496d6be04a6203676c73e7c22a64e7957f209568cfa098aa083d47ff

  • SHA512

    217c421bf314281b8f491690821c995020e662c84bb8c9ae305e8e5dee97b81b720fc7635b3f8b25fccc2b3a80745800ff1f639fb80bb98ac7928ab3f410888c

  • SSDEEP

    6144:5B+pMRBah9jVyzH+kGd/10DyNEXK5ErQyP+T1z1tfhKAfYmPd:5BAeIvkDTDM5hZNbfhKAfh

Score
10/10

Malware Config

Targets

    • Target

      9b95c5a7758eb3a3c253257c97e3652a9f39ae1e4106a0b132caaada2a8beead

    • Size

      432KB

    • MD5

      65c383163064e7db7c8246480a343ea5

    • SHA1

      9f8a0aebe0692fb6d7008d60b0dc2e3b336e0fa9

    • SHA256

      9b95c5a7758eb3a3c253257c97e3652a9f39ae1e4106a0b132caaada2a8beead

    • SHA512

      61bf9ce813c6f3563bc30d83d024c83463f6dc03d7910a3868fb39c47994cb9c9b03985e299edc959765cbf3193c994ebb00c98032dcb21fb335ffddefa1ccc9

    • SSDEEP

      6144:tFUCmZqoFWC6xersPYJpyaral2s3X4HXyxCNnaDIn+eunuCPb6p5NgmKR0Rhzjb:HUCmZiCcPYvyamv8Su+eun7OnNPKMhr

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
