Overview

overview

10

Static

static

3

a62ef308fd...18.exe

windows7-x64

10

a62ef308fd...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a62ef308fdc64bd3915affa7585201bc_JaffaCakes118

  • Size

    179KB

  • Sample

    241127-f96qeszmdy

  • MD5

    a62ef308fdc64bd3915affa7585201bc

  • SHA1

    9765e809641237de9daa09cc5592c44a58e0b170

  • SHA256

    522d5491525d787919d074d9cb9dbdd8d91193d6c21ae4604f867a827a85b07e

  • SHA512

    d802fb53e38a286ae06dde1e8d72fea3902d9329cdfb0a1af4c9db05f62ae4ee9827be71fdcb24cea5f0d153e5a818f98310aae26299599641dca51d91ec02ce

  • SSDEEP

    3072:L8svOQAkW/hGG03dj2bLYZurqqMR96F0AXNErDCHC1u815Se6gFprk:L/vOQrSGG0xeYZufMR9ATNEb1l5Syr

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      a62ef308fdc64bd3915affa7585201bc_JaffaCakes118

    • Size

      179KB

    • MD5

      a62ef308fdc64bd3915affa7585201bc

    • SHA1

      9765e809641237de9daa09cc5592c44a58e0b170

    • SHA256

      522d5491525d787919d074d9cb9dbdd8d91193d6c21ae4604f867a827a85b07e

    • SHA512

      d802fb53e38a286ae06dde1e8d72fea3902d9329cdfb0a1af4c9db05f62ae4ee9827be71fdcb24cea5f0d153e5a818f98310aae26299599641dca51d91ec02ce

    • SSDEEP

      3072:L8svOQAkW/hGG03dj2bLYZurqqMR96F0AXNErDCHC1u815Se6gFprk:L/vOQrSGG0xeYZufMR9ATNEb1l5Syr

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks