Overview

overview

10

Static

static

3

9cde8a5dca...18.exe

windows7-x64

10

9cde8a5dca...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9cde8a5dca13bcb95189dfbf7a7eebcb_JaffaCakes118

  • Size

    194KB

  • Sample

    241125-vxnfmsxngy

  • MD5

    9cde8a5dca13bcb95189dfbf7a7eebcb

  • SHA1

    c1b3a2eab1667e7ef64608a6bc26d0fbc5d98ee4

  • SHA256

    02c7c5e8d0668fc497d038ee7a40459fa808e0a2043523a8012ac5a6e902fa5d

  • SHA512

    07e04af4235a595075e3d8babc59ca9903c06be809dfd47be9c8813f5eff58fc95c48d3e9e7cd4ac162eb7be53d2e936b6736cc74199ebb729f9e27bbc487d8f

  • SSDEEP

    3072:c19J68QZBtSvYnyvs3BBmiqktLSnzFtLhLSNDOBiB1tAclDrV0M2le0GV:cptQZBzyvsxE+LyzvhmYs1e3i

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      9cde8a5dca13bcb95189dfbf7a7eebcb_JaffaCakes118

    • Size

      194KB

    • MD5

      9cde8a5dca13bcb95189dfbf7a7eebcb

    • SHA1

      c1b3a2eab1667e7ef64608a6bc26d0fbc5d98ee4

    • SHA256

      02c7c5e8d0668fc497d038ee7a40459fa808e0a2043523a8012ac5a6e902fa5d

    • SHA512

      07e04af4235a595075e3d8babc59ca9903c06be809dfd47be9c8813f5eff58fc95c48d3e9e7cd4ac162eb7be53d2e936b6736cc74199ebb729f9e27bbc487d8f

    • SSDEEP

      3072:c19J68QZBtSvYnyvs3BBmiqktLSnzFtLhLSNDOBiB1tAclDrV0M2le0GV:cptQZBzyvsxE+LyzvhmYs1e3i

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks