expiro | c43c12d824cfe059ae09edb5cb42e9a538318b2c0cb50f3220517d68344de038 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

0dca1010f3...18.exe

windows10-2004-x64

Sharing

General

Target

0dca1010f3effe9464256fad53bd1935_JaffaCakes118
Size

432KB
Sample

241003-ef8ggsxard
MD5

0dca1010f3effe9464256fad53bd1935
SHA1

fd684e23690c002a56c45c4e668f477a07ca4ccd
SHA256

c43c12d824cfe059ae09edb5cb42e9a538318b2c0cb50f3220517d68344de038
SHA512

9880cbd87a41a9adeb9f12abfecf25586a03ebf817bea3bb7299f1d2d24b77c48622dd02d43c294a60092117ff5a1c9b625aec6f4ea790dbb527c8ef3b5cb6c7
SSDEEP

12288:+UCmZiCNPcT2Asp7rltAUtNNoCBII/OUf5DOK:MCRTAMlKUtNeCCI1f5Z

Score

10^/10

expiro backdoor

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0dca1010f3effe9464256fad53bd1935_JaffaCakes118.exe

Resource

win10v2004-20240802-en

expiro backdoor

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  0dca1010f3effe9464256fad53bd1935_JaffaCakes118
- Size
  
  432KB
- MD5
  
  0dca1010f3effe9464256fad53bd1935
- SHA1
  
  fd684e23690c002a56c45c4e668f477a07ca4ccd
- SHA256
  
  c43c12d824cfe059ae09edb5cb42e9a538318b2c0cb50f3220517d68344de038
- SHA512
  
  9880cbd87a41a9adeb9f12abfecf25586a03ebf817bea3bb7299f1d2d24b77c48622dd02d43c294a60092117ff5a1c9b625aec6f4ea790dbb527c8ef3b5cb6c7
- SSDEEP
  
  12288:+UCmZiCNPcT2Asp7rltAUtNNoCBII/OUf5DOK:MCRTAMlKUtNeCCI1f5Z
Score

10^/10

expiro backdoor
- Expiro, m0yv
  Expiro aka m0yv is a multi-functional backdoor written in C++.
  backdoor expiro
- Expiro payload
  backdoor
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy