General

  • Target

    7593cac1048b58bcf2261ff749c021e2.zip

  • Size

    314KB

  • Sample

    240903-ew3wyayanf

  • MD5

    3e5c94423f1523c299bee3852ddf612c

  • SHA1

    046829910a62c29e35ec614df9622c6e2f59ed38

  • SHA256

    6f2df324fae653a2d55b7cc742ebf99c5e0226ec0b05884f4464e431ffa901f0

  • SHA512

    9ffb49cb25e52d6d993dc0e98d003d672bc2b8ed6a45f8eea2ac874d089e024555d4c05d13fc8aec26db5a342e6717af4cab73e4137f7f9d66a48a130807ad65

  • SSDEEP

    6144:SowX7kMbL7Ibl5WSc8oXixIlxkOWuoSN+DBIl+bQjZcQJD9Nx7WF5t1R:c7XbwYSvmrRs5bQi2/x7WF5t7

Targets

    • Target

      2f750678eea4b5d7af26aa95042b1f993c437f09a8aecf3c1ec965fd47217034

    • Size

      457KB

    • MD5

      7593cac1048b58bcf2261ff749c021e2

    • SHA1

      20a858302c1cb0058bc7d0553a0240b17a3f2068

    • SHA256

      2f750678eea4b5d7af26aa95042b1f993c437f09a8aecf3c1ec965fd47217034

    • SHA512

      cca7abb28dc6f32ab16635d116a1ebc4c1d9e4f4c6f198e7533c029a1ad71e90477f1d7ac9d1106be6305ba15a4df8969237377792512743933771c91812b0c3

    • SSDEEP

      6144:eZiEOK99kXezLXmO3aPMV8kEHhPXkm8LBteFJM9gRY+e2at8cxY7FwWKq5XsN:e0eXXmU0MuZdkv1gJMZX8cxY7Fw/ys

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
