General

  • Target

    cddea6050815701d81b0e09d7f2c15c3_JaffaCakes118

  • Size

    170KB

  • Sample

    241206-thd3zs1mhk

  • MD5

    cddea6050815701d81b0e09d7f2c15c3

  • SHA1

    34b2edbb877ac76146e90ea5e7f12063bcb57a4b

  • SHA256

    dcd8c950639bd4ed17b8c9c67ea5f7590040c4a97fc55de6f56bf8276a759f69

  • SHA512

    78a5a07f6fd55caf10b61922fd2e9abc9fa92cbffb01fc432450b0b03f59c0b4f4b0de8315a75aec3d5c0fe7dc8522e39838590a70aad688741b063825a14c52

  • SSDEEP

    3072:J6gekefXoHjWWdif83587QVlseQ3G60lUe4eS1ZPPKJ7hN7xpuHE:o3NfXoHJif83XVlsIlUFbbPKjlxcH

Targets

    • Target

      cddea6050815701d81b0e09d7f2c15c3_JaffaCakes118

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
