General

  • Target

    39cf1e9465a62fbd766ca4c8dd53f5136bc7b5e6a8a1ac39c234b3acba92136d

  • Size

    426KB

  • Sample

    240908-f682da1eqh

  • MD5

    8f7e045d08e0159ad0a260f9cf4b02af

  • SHA1

    3591e650cd5985c5841ee7076ea4c8fd572524de

  • SHA256

    39cf1e9465a62fbd766ca4c8dd53f5136bc7b5e6a8a1ac39c234b3acba92136d

  • SHA512

    473d1fb7bc819dfef974ba3ea39c0f70a81b4d1c2be86444d30b5acba467bc434bbf1716d73b64d7c8a77ed1f557d486fc2058c7ff337809b70b2f83571f684b

  • SSDEEP

    6144:NAml/DRfkTC3dM7B+mCRtRD7kNs/Fd8ywnIC16zzfsa7m5x6xGbgEhYFpX63:NAmlbRfky6B+mCRfDN87nIlz7UQRw3

Malware Config

Targets

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload

MITRE ATT&CK Enterprise v15

Tasks