expiro | be622579d311a0e62f68308c214c95f274b2def71772a8b91c1926d978a2d1f6 | Triage

Submit
Reports

Overview

overview

Static

static

3

5b6dbe5cec...18.exe

windows7-x64

5b6dbe5cec...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

5b6dbe5cecf800060da0c430e58cf4f5_JaffaCakes118
Size

437KB
Sample

240719-ltw4yaybje
MD5

5b6dbe5cecf800060da0c430e58cf4f5
SHA1

4af218c629d8542c60a919e5d036fcf214b07831
SHA256

be622579d311a0e62f68308c214c95f274b2def71772a8b91c1926d978a2d1f6
SHA512

f34cddb2c132f1f63a1d219868737cb51c0a0b05e52e10012b477ef8887a2d313dc0a13d6005808ea26b582985a54ffdf7a1ba6cdba8668875dd727e9a3fc4dd
SSDEEP

6144:U8Vwm2i+mKaN68U8Wdvym8fXZkL/L07IkX/c6MVO4zXUdn1NwBLDmFBF3UN:wri+m/A4Wx3UC/LzARMVO4sNyDm3F3U

Score

10^/10

expiro backdoor

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5b6dbe5cecf800060da0c430e58cf4f5_JaffaCakes118.exe

Resource

win7-20240704-en

expiro backdoor

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

5b6dbe5cecf800060da0c430e58cf4f5_JaffaCakes118.exe

Resource

win10v2004-20240709-en

expiro backdoor

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  5b6dbe5cecf800060da0c430e58cf4f5_JaffaCakes118
- Size
  
  437KB
- MD5
  
  5b6dbe5cecf800060da0c430e58cf4f5
- SHA1
  
  4af218c629d8542c60a919e5d036fcf214b07831
- SHA256
  
  be622579d311a0e62f68308c214c95f274b2def71772a8b91c1926d978a2d1f6
- SHA512
  
  f34cddb2c132f1f63a1d219868737cb51c0a0b05e52e10012b477ef8887a2d313dc0a13d6005808ea26b582985a54ffdf7a1ba6cdba8668875dd727e9a3fc4dd
- SSDEEP
  
  6144:U8Vwm2i+mKaN68U8Wdvym8fXZkL/L07IkX/c6MVO4zXUdn1NwBLDmFBF3UN:wri+m/A4Wx3UC/LzARMVO4sNyDm3F3U
Score

10^/10

expiro backdoor
- Expiro, m0yv
  Expiro aka m0yv is a multi-functional backdoor written in C++.
  backdoor expiro
- Expiro payload
  backdoor
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy