Overview

overview

10

Static

static

3

957c58f44a...18.exe

windows7-x64

10

957c58f44a...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    957c58f44ae8a07021e5ad4423393905_JaffaCakes118

  • Size

    164KB

  • Sample

    241124-sk9f8svphw

  • MD5

    957c58f44ae8a07021e5ad4423393905

  • SHA1

    4c64f1511da8c8755ff3fa28cdbebbb99a7a17a9

  • SHA256

    b0092c991823f7b85f494a276b890805ded941ec04557140810a27a791f07a30

  • SHA512

    715dd76b8cc5a4500f2e0f5c154319e432d7c396f49060d4ef9b13a95b733bc801501beb89b74b0fdc4199f8f23fd8b2304ad7be27c74069351f5aa69ee76614

  • SSDEEP

    3072:GmfJmOJHYuBuyWKfo1y+/Ihyt3hJWQ8V+yAsOezzEOYHq0aIcZtL:IONYuBuyIYtQgzOezRYHqM

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      957c58f44ae8a07021e5ad4423393905_JaffaCakes118

    • Size

      164KB

    • MD5

      957c58f44ae8a07021e5ad4423393905

    • SHA1

      4c64f1511da8c8755ff3fa28cdbebbb99a7a17a9

    • SHA256

      b0092c991823f7b85f494a276b890805ded941ec04557140810a27a791f07a30

    • SHA512

      715dd76b8cc5a4500f2e0f5c154319e432d7c396f49060d4ef9b13a95b733bc801501beb89b74b0fdc4199f8f23fd8b2304ad7be27c74069351f5aa69ee76614

    • SSDEEP

      3072:GmfJmOJHYuBuyWKfo1y+/Ihyt3hJWQ8V+yAsOezzEOYHq0aIcZtL:IONYuBuyIYtQgzOezRYHqM

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks