General

  • Target

    a742f013185b78dce9aa15cd334defb7.zip

  • Size

    314KB

  • Sample

    240903-gb719syclj

  • MD5

    ff9199a6598dc96c47e27e69361590b0

  • SHA1

    c9e10dd0ef991afe523b17b38ebdf11d60b9c631

  • SHA256

    f9861618cf3ffcf8d626fa532a1473c4f1e9b381957f7032fc6f70b78d9fa707

  • SHA512

    979307dde8ddb4de22243d3cbdcf26812262ecd1ed057802de3a4025b73244bcc8c6085853e57e9198497c267fda6dfa3354953d4abc08740c6b94d561773b7a

  • SSDEEP

    6144:8G7XSv4l58MeFm+PgaujCYjZ4KSXDpDSA/fknVoUvLfbsw8elvQ7GiNpGt0e:8G2LMkm+PuCiCXtDSofkV5LfbsXeloGl

Malware Config

Targets

    • Target

      3155ca60c95744ea670abdf897f1b43a9df1d02ddebde020fbacd5a095579900

    • Size

      456KB

    • MD5

      a742f013185b78dce9aa15cd334defb7

    • SHA1

      05f339ee6fee71dee60f4aa2bbc8fb3f226c8234

    • SHA256

      3155ca60c95744ea670abdf897f1b43a9df1d02ddebde020fbacd5a095579900

    • SHA512

      eb233823d6c4e68d22d410356fd91e9bd29f8c18f7393e9eb035c9523049a92548731bed2c130c11a357e97c21de58bbc0c30eb46c5dbc866385c1b4575b1c1d

    • SSDEEP

      12288:8hzKCTFlTwpsK/ZeXj3N3kVbXI4cvsnFiOk3CwgQ51:MtTFlTwpsK/Zwe5TnFiOk3BV5

    • Expiro, m0yv

      Expiro, also known as m0yv, is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks