Overview

overview

10

Static

static

3

be89dab47d...18.exe

windows7-x64

10

be89dab47d...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    be89dab47d2d5c5da678957e935683b1_JaffaCakes118

  • Size

    182KB

  • Sample

    241203-wg178ssjfj

  • MD5

    be89dab47d2d5c5da678957e935683b1

  • SHA1

    7797617a861de1c7a1881ed25b1d4e8ce0bf6e21

  • SHA256

    6ae9d2a3795c048fe91d3a85749a94b6c483006d841201998155a213bbed3e99

  • SHA512

    27ea7e5b953c14c46e25a07fd09fe04b5399e6a40ffa461a968dc661958bc33c137521f06783cbac0d28f45ab85ef7c0c1f61af5881a0f45f1043788695b9414

  • SSDEEP

    3072:U+A3w0NSJk5wD+hveJT7Mp2MDw9pI9R37IKIm7fgV5udVQ:b2wZJnChvC8p2MDwPICm7YV

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      be89dab47d2d5c5da678957e935683b1_JaffaCakes118

    • Size

      182KB

    • MD5

      be89dab47d2d5c5da678957e935683b1

    • SHA1

      7797617a861de1c7a1881ed25b1d4e8ce0bf6e21

    • SHA256

      6ae9d2a3795c048fe91d3a85749a94b6c483006d841201998155a213bbed3e99

    • SHA512

      27ea7e5b953c14c46e25a07fd09fe04b5399e6a40ffa461a968dc661958bc33c137521f06783cbac0d28f45ab85ef7c0c1f61af5881a0f45f1043788695b9414

    • SSDEEP

      3072:U+A3w0NSJk5wD+hveJT7Mp2MDw9pI9R37IKIm7fgV5udVQ:b2wZJnChvC8p2MDwPICm7YV

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks