General

  • Target

    17b2ef11f3d2707d223caa6472b7bccb.zip

  • Size

    300KB

  • Sample

    240903-hhrtaszepj

  • MD5

    450dff7a2f6909330ed3948b3d1d1166

  • SHA1

    6788b7fda4bc0b8deebda0bca297f62b819ae9b3

  • SHA256

    02f8b8b9a496c08a907024919eb92938153a2223b2ff1a339c6fb0c8e0d985d0

  • SHA512

    2b48e27f3af06e918ea88ea88999961a990acd93ab45704a614b31c255f0263d72922a2732c0255f3d7e6a8c3032b96818e2e105f049819f4cd5c703ae2a55b4

  • SSDEEP

    6144:Lt8fU4Hrog2ArxtIzzJlrVcDaMw7PL0LsAPe5mrnPdxNUeBs:LtoLx2AXuzGaP2sAPdP/jBs

Score
10/10

Targets

    • Target

      9a57c9c9f08df9101b2494b50cf66b2fd40bee0c3a1cba12c1fc9971ef4eefab

    • Size

      432KB

    • MD5

      17b2ef11f3d2707d223caa6472b7bccb

    • SHA1

      544b4d885387b59e66b2182e3e3f304ae00bb4c9

    • SHA256

      9a57c9c9f08df9101b2494b50cf66b2fd40bee0c3a1cba12c1fc9971ef4eefab

    • SHA512

      a54c12a4853a5bb97ab14324d8ed0fd4a2dc3a4fb92dcf20ad2a7e92037882e3088431ea50c6fb7c63a0c6a5f09ea1073f747ffbe1973a8e610b6aad9a6a2b6b

    • SSDEEP

      6144:CFUCmZqoFWC6xXMq+DD2GhAtaTLMs1hfF3oS3fk59pvmuDOHjXug1IM3g:aUCmZiC1q+DD2G2s/xPfF4DhLI+o8

    Score
    10/10
    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
