expiro | d98bd474f2c6f2c184833d35b0a61500770a8758bde240eeaee4f40722fcd4bd | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

5fcd444fc2...18.exe

windows10-2004-x64

Sharing

General

Target

5fcd444fc2c241be8829b932ff3a445b_JaffaCakes118
Size

416KB
Sample

240720-knhhxsybrd
MD5

5fcd444fc2c241be8829b932ff3a445b
SHA1

aca35b76baf94e48151aaee854cfba7f4612d775
SHA256

d98bd474f2c6f2c184833d35b0a61500770a8758bde240eeaee4f40722fcd4bd
SHA512

5d8ed67f63a9d0fc87772f9eb38998fd1e35b67e25d14fcc392ce1e13c2414a7dc037e42b90b9d1e05c11ad6109e7a31e17694b9d95cc3b1571ea2fb009abf23
SSDEEP

6144:dsSilHj3KcK0TrULIiUn8OIiqP5jGn/docdrzh5GR+y6JayhETOg:dnIbEIiUn8OpWhGucVL8Zm

Score

10^/10

expiro backdoor

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5fcd444fc2c241be8829b932ff3a445b_JaffaCakes118.exe

Resource

win10v2004-20240709-en

expiro backdoor

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  5fcd444fc2c241be8829b932ff3a445b_JaffaCakes118
- Size
  
  416KB
- MD5
  
  5fcd444fc2c241be8829b932ff3a445b
- SHA1
  
  aca35b76baf94e48151aaee854cfba7f4612d775
- SHA256
  
  d98bd474f2c6f2c184833d35b0a61500770a8758bde240eeaee4f40722fcd4bd
- SHA512
  
  5d8ed67f63a9d0fc87772f9eb38998fd1e35b67e25d14fcc392ce1e13c2414a7dc037e42b90b9d1e05c11ad6109e7a31e17694b9d95cc3b1571ea2fb009abf23
- SSDEEP
  
  6144:dsSilHj3KcK0TrULIiUn8OIiqP5jGn/docdrzh5GR+y6JayhETOg:dnIbEIiUn8OpWhGucVL8Zm
Score

10^/10

expiro backdoor
- Expiro, m0yv
  Expiro aka m0yv is a multi-functional backdoor written in C++.
  backdoor expiro
- Expiro payload
  backdoor
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy