General

  • Target

    dc64fb891964a7694201dc450ccc7a4f.zip

  • Size

    329KB

  • Sample

    240902-bq33zaydjg

  • MD5

    988812c29ed91809f53516d8958976ed

  • SHA1

    1b066cadacbb94f64d46b515020c32e72297bd7e

  • SHA256

    00ce989fe271368a6512f8ca6c37771683766960500c3562196dca00ef9b5479

  • SHA512

    bac7dd202fa1473a5c4cd0a0ef7cb21ddcbe4805cf841969602a88b1eed789b99ef2c2a6358de201c1699669675425ac9e2caf66dfa5e9182f74becdbd826049

  • SSDEEP

    6144:zwdW43q/3Sx2tkB12pCA2W0rb802FyQtPigG0/fkiBIjm4wr:0dl3q/3SVmd2ZH802Nhl/Z6jm4wr

Targets

    • Target

      49743c2e8e3d1ff87eb95d633804f3e215a344323699085096b5e832b3ae55dc

    • Size

      482KB

    • MD5

      dc64fb891964a7694201dc450ccc7a4f

    • SHA1

      cb214a7979e99b4445610d2e2064ae90c6146053

    • SHA256

      49743c2e8e3d1ff87eb95d633804f3e215a344323699085096b5e832b3ae55dc

    • SHA512

      875cb330fb155b77961f1d8075915764d9effa4bdfbae568feb39d622583552cb5fac8d8ed196f520e8d2b5dbe4d49d7fc23552d71d2eb5c9baa7aaccd5b5362

    • SSDEEP

      6144:wJxMdy+42CUfNDDCLawEBa9CrxJCkOzzxeEpysla4+oybZU+g22zlcUfn/uTHqVw:huEUyHOFeEgslVblDzlcUux8crCcJ

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
