General

  • Target

    f7f2a3e035e415803643516b0e053910d088ef6eb624d7cf2457c9c5da3c61f3

  • Size

    751KB

  • Sample

    240909-nqhs9awakq

  • MD5

    b9f21cd33963aef3f71110cc284a6b54

  • SHA1

    2a69142d3a4d29b79d0f085fad6d96e573ae122c

  • SHA256

    f7f2a3e035e415803643516b0e053910d088ef6eb624d7cf2457c9c5da3c61f3

  • SHA512

    e9e6c91babfc46fdb6a555c6f6c8a42ad6a47705039101a8fe57f6129799cf0d1fa4641cbdd3cc4e9d1e1a249a7b5f602df813de468255a5e5e728e15a16d272

  • SSDEEP

    12288:vATlbRfky6B+mCW2HCSiFYJmE7EN+/IKwN/G4XQM7cDGBTOqCDZHMKrwMtwye2JL:vGlbht6BHF2HCnem75+OptQDmKrwite0

Targets

    • Expiro, m0yv

      Expiro aka m0yv is a multi-functional backdoor written in C++.

    • Expiro payload
