Overview

overview

10

Static

static

3

381a38685b...2N.exe

windows7-x64

10

381a38685b...2N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    381a38685bf71e10a9b240c3ffa9c7e2af1a8f93a5276c40078cfd219fcb3502N.exe

  • Size

    195KB

  • Sample

    241204-vhbhja1qfv

  • MD5

    cedb60895a10252742060e1e99a38070

  • SHA1

    3be121ff592a7479b5019ec92c351691bb3ffd12

  • SHA256

    381a38685bf71e10a9b240c3ffa9c7e2af1a8f93a5276c40078cfd219fcb3502

  • SHA512

    d0d3963913e27d7fb9ad1206a3564fb504d32cececfb3faf42b6556eb747ab5ddcbc808fb093932305342f9caf4daedfa1b2b4e0482a1dac0442a482bdfbfb2b

  • SSDEEP

    3072:nrjhsOwbilBFoGKiZsEe+4k+ua41XUD1UtKVYLYgs+wdylBvoVLMvIzrHbxWCI:D2wZsjb36XUmsVY/lVoqwzrsr

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      381a38685bf71e10a9b240c3ffa9c7e2af1a8f93a5276c40078cfd219fcb3502N.exe

    • Size

      195KB

    • MD5

      cedb60895a10252742060e1e99a38070

    • SHA1

      3be121ff592a7479b5019ec92c351691bb3ffd12

    • SHA256

      381a38685bf71e10a9b240c3ffa9c7e2af1a8f93a5276c40078cfd219fcb3502

    • SHA512

      d0d3963913e27d7fb9ad1206a3564fb504d32cececfb3faf42b6556eb747ab5ddcbc808fb093932305342f9caf4daedfa1b2b4e0482a1dac0442a482bdfbfb2b

    • SSDEEP

      3072:nrjhsOwbilBFoGKiZsEe+4k+ua41XUD1UtKVYLYgs+wdylBvoVLMvIzrHbxWCI:D2wZsjb36XUmsVY/lVoqwzrsr

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks