expiro | 7dd32adae1b33b5d3f041e723f648d883bee7485b8e48f1aec3c4ffabac00eb7 | Triage

Submit
Reports

Overview

overview

Static

static

3

7dd32adae1...b7.exe

windows7-x64

7dd32adae1...b7.exe

windows10-2004-x64

Sharing

General

Target

7dd32adae1b33b5d3f041e723f648d883bee7485b8e48f1aec3c4ffabac00eb7
Size

567KB
Sample

241220-cmzf2sxkgr
MD5

0ea4caaae0f84e80b1d20c2de766f046
SHA1

3bba16483ce758075ffe5ede4e81699a952d552a
SHA256

7dd32adae1b33b5d3f041e723f648d883bee7485b8e48f1aec3c4ffabac00eb7
SHA512

02d8194be60c58546de9b363371cd7d9bc14b0ebccfbf483c72afc1fce2cc35bbdc71807d5323cde03ed2b62349dc33d3792d2c078d77f3434a6ab4c05d77914
SSDEEP

12288:agwzKlEa58XMiOs2XK6zF924eDUeFy/NROXAqpR8djy:ZGe8XMLsS5R92JDUeE/NROQq0y

Score

10^/10

expiro backdoor discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

7dd32adae1b33b5d3f041e723f648d883bee7485b8e48f1aec3c4ffabac00eb7.exe

Resource

win7-20240903-en

expiro backdoor discovery

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

7dd32adae1b33b5d3f041e723f648d883bee7485b8e48f1aec3c4ffabac00eb7.exe

Resource

win10v2004-20241007-en

expiro backdoor discovery

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  7dd32adae1b33b5d3f041e723f648d883bee7485b8e48f1aec3c4ffabac00eb7
- Size
  
  567KB
- MD5
  
  0ea4caaae0f84e80b1d20c2de766f046
- SHA1
  
  3bba16483ce758075ffe5ede4e81699a952d552a
- SHA256
  
  7dd32adae1b33b5d3f041e723f648d883bee7485b8e48f1aec3c4ffabac00eb7
- SHA512
  
  02d8194be60c58546de9b363371cd7d9bc14b0ebccfbf483c72afc1fce2cc35bbdc71807d5323cde03ed2b62349dc33d3792d2c078d77f3434a6ab4c05d77914
- SSDEEP
  
  12288:agwzKlEa58XMiOs2XK6zF924eDUeFy/NROXAqpR8djy:ZGe8XMLsS5R92JDUeE/NROQq0y
Score

10^/10

expiro backdoor discovery
- Expiro family
  expiro
- Expiro, m0yv
  Expiro aka m0yv is a multi-functional backdoor written in C++.
  backdoor expiro
- Expiro payload
  backdoor
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

expirobackdoordiscovery

behavioral2

expirobackdoordiscovery

© 2018-2025

Terms | Privacy