General

  • Target

    c42c4ff9b5360e7398537fcb8fd41901ddf55591002ff11b4311a218573395bb

  • Size

    300KB

  • Sample

    240902-mefdbaygkh

  • MD5

    39d33fd79dbb537a1b715377598127f5

  • SHA1

    e77eb3c8444044007d20414f03807b5cca6ee7b4

  • SHA256

    c42c4ff9b5360e7398537fcb8fd41901ddf55591002ff11b4311a218573395bb

  • SHA512

    f93f58d95dc32c665b955afaad57c0620de1952d576a67cf4afa99e421cb541896b3fe17bd73936fa265164f86cf9de8f6ea888207a21106786e6fcc1e025efe

  • SSDEEP

    6144:PW/BQF3k5j79NbYPXXBrFl9IJHr+TI6bE4NIi/4J86ugfWnfr2NXj:CBQ0/4/R5PMqTIt4Nn4JtYfqXj

Score
10/10

Targets

    • Target

      c124187e284f94c6e75051844d89b6dc92603d5221018c00eaf3d8dadcc31740

    • Size

      432KB

    • MD5

      01a7ca3600414bc432ce9edd0123600a

    • SHA1

      da0b8530448903f4aea0cc0178ea4b3f88b46f95

    • SHA256

      c124187e284f94c6e75051844d89b6dc92603d5221018c00eaf3d8dadcc31740

    • SHA512

      9f075a3751120eb3f946a5f7e2273628aab94769cd79c63b1b6295f9773e381c9ddc4153ad8968a5f79a547ec5d66a29caa999df3b718893bd4e70b2ab32194a

    • SSDEEP

      6144:7FUCmZqoFWC6xpFIfIjHYuk0zO4hD4fyR9ZIyUc5CokFiokBwVpvh9BBXRCl:xUCmZiC6TXzO4Sq5RD5CoF+vG

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
