General

  • Target

    de1a75bb31a301aebc6388f8c4862cfd.zip

  • Size

    306KB

  • Sample

    240901-x12hsazcjr

  • MD5

    d724fe693a69a8a835e3efdc86bfa200

  • SHA1

    6250d8537d5c7b8861b9075cbba32b0865b76974

  • SHA256

    ab8b94d9b1e3ece3c09ef6a36579f6184b67c391db5e75c519cf03fecf07d9a8

  • SHA512

    2b050ad7deb7ad6a1207607d3324969c1b741c397773dcee6487930d4264b08ca2c71298c3763c093a064cc89bb7b3f18b132beed7c8c6ada7b65eec38c7fd1e

  • SSDEEP

    6144:fIO+98U8A6REoqKyqREaoWxcuJ+Irwf5J/GkgmXG9:fIO+yU8Ai1qKyHWbJBwX/HHXA

Score
10/10

Malware Config

Targets

    • Target

      eee7f25feb5dbb96db1e0db9bfbf340a0294b8a68d320b26034eb204a019c545

    • Size

      432KB

    • MD5

      de1a75bb31a301aebc6388f8c4862cfd

    • SHA1

      44b08c0d863c094be31115c851e75429cea886cd

    • SHA256

      eee7f25feb5dbb96db1e0db9bfbf340a0294b8a68d320b26034eb204a019c545

    • SHA512

      9017967f3002ee843fd8d68ebe0917f70a744826898c7d779701456697478d78836be832d9fc4ec02502773272e384b8db12e0ab79aa496f9b33fe021f5c970c

    • SSDEEP

      12288:UUCmZiCkhYDQP5EamITBu0kxtZRr3hPKp4+PWw3Y5N:CCfaJFuThvPKp4j

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
