expiro | e64fab89efc375ba4c0b17e2686aedcea2cc47528c71b5c60907b87378e5cb28 | Triage

Submit
Reports

Overview

overview

Static

static

3

e64fab89ef...28.exe

windows7-x64

e64fab89ef...28.exe

windows10-2004-x64

Sharing

General

Target

e64fab89efc375ba4c0b17e2686aedcea2cc47528c71b5c60907b87378e5cb28.exe
Size

927KB
Sample

250108-gd28sswphz
MD5

e9db060d9f0d74139463d7a84a12d669
SHA1

49cb9c6870d0d3795b9e46dfa0f7511cd9ff7767
SHA256

e64fab89efc375ba4c0b17e2686aedcea2cc47528c71b5c60907b87378e5cb28
SHA512

26330d60f6857878a6e225bf16f283d1904ee0998e8f803dd5b26a914695facd81140548ca77d0debf9b527d43b595508087615f0e52e3b45453862bc2759881
SSDEEP

24576:RjkqcetqSd1ELP34MYTNvyvzEYoo+iiNuZXLk:xkqjtqSDELPYsbHO

Score

10^/10

expiro backdoor discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e64fab89efc375ba4c0b17e2686aedcea2cc47528c71b5c60907b87378e5cb28.exe

Resource

win7-20240903-en

expiro backdoor discovery

windows7-x64

5 signatures

120 seconds

Behavioral task

behavioral2

Sample

e64fab89efc375ba4c0b17e2686aedcea2cc47528c71b5c60907b87378e5cb28.exe

Resource

win10v2004-20241007-en

expiro backdoor discovery

windows10-2004-x64

10 signatures

120 seconds

Malware Config

Targets

- Target
  
  e64fab89efc375ba4c0b17e2686aedcea2cc47528c71b5c60907b87378e5cb28.exe
- Size
  
  927KB
- MD5
  
  e9db060d9f0d74139463d7a84a12d669
- SHA1
  
  49cb9c6870d0d3795b9e46dfa0f7511cd9ff7767
- SHA256
  
  e64fab89efc375ba4c0b17e2686aedcea2cc47528c71b5c60907b87378e5cb28
- SHA512
  
  26330d60f6857878a6e225bf16f283d1904ee0998e8f803dd5b26a914695facd81140548ca77d0debf9b527d43b595508087615f0e52e3b45453862bc2759881
- SSDEEP
  
  24576:RjkqcetqSd1ELP34MYTNvyvzEYoo+iiNuZXLk:xkqjtqSDELPYsbHO
Score

10^/10

expiro backdoor discovery
- Expiro family
  expiro
- Expiro, m0yv
  Expiro aka m0yv is a multi-functional backdoor written in C++.
  backdoor expiro
- Expiro payload
  backdoor
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

expirobackdoordiscovery

behavioral2

expirobackdoordiscovery

© 2018-2025

Terms | Privacy