Overview

overview

10

Static

static

3

cddc97e06d...18.exe

windows7-x64

10

cddc97e06d...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cddc97e06d8a0f6d3e8219cab6aba339_JaffaCakes118

  • Size

    181KB

  • Sample

    241206-tgde3a1mdq

  • MD5

    cddc97e06d8a0f6d3e8219cab6aba339

  • SHA1

    899687af5dab92e9188289bfd494e62bcf7bc030

  • SHA256

    7abcb122442fc8b1e8fb80e463336a610ff5fd97f8d5ce54d73edc7115324cee

  • SHA512

    1070a1c3fb2eb29e960d23c0f4396ebef92712a01e25c0d4864ba8a9dbc107a7edbf137940704af2c3ec5a725f6fe3194b768e90ebc2508297cae9823c2d3e05

  • SSDEEP

    3072:hOUZtgKbMExYBa34FApRK/sExDsapON9rkG1N/IaP9RbNObscXv:ICzbMEGApExoaoN9YKNTP9SQcX

Score
10/10
cycbotbackdoordiscoverypersistenceratspywarestealerupx

Malware Config

Targets

    • Target

      cddc97e06d8a0f6d3e8219cab6aba339_JaffaCakes118

    • Size

      181KB

    • MD5

      cddc97e06d8a0f6d3e8219cab6aba339

    • SHA1

      899687af5dab92e9188289bfd494e62bcf7bc030

    • SHA256

      7abcb122442fc8b1e8fb80e463336a610ff5fd97f8d5ce54d73edc7115324cee

    • SHA512

      1070a1c3fb2eb29e960d23c0f4396ebef92712a01e25c0d4864ba8a9dbc107a7edbf137940704af2c3ec5a725f6fe3194b768e90ebc2508297cae9823c2d3e05

    • SSDEEP

      3072:hOUZtgKbMExYBa34FApRK/sExDsapON9rkG1N/IaP9RbNObscXv:ICzbMEGApExoaoN9YKNTP9SQcX

    Score
    10/10
    cycbotbackdoordiscoverypersistenceratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks