expiro | f81c2299e37ad735d556919ccbf737264180f3f3e3c002a7a07433f8e925fab9 | Triage

Submit
Reports

Overview

overview

Static

static

3

c394b1dff8...18.exe

windows10-2004-x64

Sharing

General

Target

c394b1dff8f14e0e578a3310cdb0623b_JaffaCakes118
Size

432KB
Sample

240404-2khg7ach42
MD5

c394b1dff8f14e0e578a3310cdb0623b
SHA1

6e5deb060e363669d7bbb2f6dacde7ed4d5e3293
SHA256

f81c2299e37ad735d556919ccbf737264180f3f3e3c002a7a07433f8e925fab9
SHA512

296bbb427a059552961c49386f2efe7a627b801363779cd317fb54a976def0af9bb4699b5a5c1788f7f2bc1925104524fc8492b3d21ea29f5a3afd2e03ea4296
SSDEEP

12288:kUCmZiC2e6h0pI4VXMSyUtNNoCBII/OUf5DOK:yC2eSkXMSyUtNeCCI1f5Z

Score

10^/10

expiro backdoor

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c394b1dff8f14e0e578a3310cdb0623b_JaffaCakes118.exe

Resource

win10v2004-20231215-en

expiro backdoor

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  c394b1dff8f14e0e578a3310cdb0623b_JaffaCakes118
- Size
  
  432KB
- MD5
  
  c394b1dff8f14e0e578a3310cdb0623b
- SHA1
  
  6e5deb060e363669d7bbb2f6dacde7ed4d5e3293
- SHA256
  
  f81c2299e37ad735d556919ccbf737264180f3f3e3c002a7a07433f8e925fab9
- SHA512
  
  296bbb427a059552961c49386f2efe7a627b801363779cd317fb54a976def0af9bb4699b5a5c1788f7f2bc1925104524fc8492b3d21ea29f5a3afd2e03ea4296
- SSDEEP
  
  12288:kUCmZiC2e6h0pI4VXMSyUtNNoCBII/OUf5DOK:yC2eSkXMSyUtNeCCI1f5Z
Score

10^/10

expiro backdoor
- Expiro, m0yv
  Expiro aka m0yv is a multi-functional backdoor written in C++.
  backdoor expiro
- Expiro payload
  backdoor
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy