General

  • Target

    8cdeacf36906d8b09d78dbc96804d0e2.zip

  • Size

    3.5MB

  • Sample

    240903-yb1evsvell

  • MD5

    8cf4d05053b2198fdd3270fae3fbfad6

  • SHA1

    067af6d434001a0544502860f53b3e9b5ebe25e2

  • SHA256

    ce3c99747d3e114d81c66273e87a35e237913291310327a42e591c66178943e7

  • SHA512

    54bc32269e731d17ee380fb6eec3c4d709b5f6744758719f78a4103aedb9969ed0a086b3aed3acb32df8826400b5a631313b6bcacaae889748f5ee26d861623d

  • SSDEEP

    98304:cqebeu20F+WPeMme7dFYd9AoK4an0ZOck18:WJF+WPeMhZF6Aflcn

Targets

    • Target

      07aca723d518a22afaabb3aec196968940a2fd2d170744782ef9c732afeb8b4a

    • Size

      7.3MB

    • MD5

      8cdeacf36906d8b09d78dbc96804d0e2

    • SHA1

      16dc3178c7ec5971ff5b7f40ea725f3a259e2dda

    • SHA256

      07aca723d518a22afaabb3aec196968940a2fd2d170744782ef9c732afeb8b4a

    • SHA512

      30aeef03a731ac7bb7f93adec3b89da0370cc041383e51761ef7a7c70aa369776d2a42244a3c0c2352d98f92c262ecb92b67b87d9779b63b43074ede3ad6e71c

    • SSDEEP

      98304:/xC3ud6MOIvysiwCQKzo5qphIHVruP3WpF3UdE1hZHEdLFzmil+:UGQFMkhgJuP32+dmhZk/t

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
