Overview

overview

10

Static

static

3

e4a1c00327...18.exe

windows7-x64

10

e4a1c00327...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e4a1c00327046576cd3c3c6168e3f503_JaffaCakes118

  • Size

    200KB

  • Sample

    241212-eq7myavkdq

  • MD5

    e4a1c00327046576cd3c3c6168e3f503

  • SHA1

    501e789497a1a2267203ca294898c74f5863dbf8

  • SHA256

    b2bee89ea5be46a0962f4903ac6e4fd0ca707a184dbdb8a6933727cf8fdf09b2

  • SHA512

    f373b8df3518c30a51022140ed6fb418d9025aa6e32f126a079939a6602ebc82b92f56c632d040737b36e096a818bcbdbb867948ffb6d782740ccf048f3707f9

  • SSDEEP

    3072:TGPLAxeBFvBllSvi0jpTTMVJ3REv8UDUSwbc3Wk2I1piCiNEI97atukXiXXoc:TGNBrSvi5Iv8nNo2IzSN3ZIc

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      e4a1c00327046576cd3c3c6168e3f503_JaffaCakes118

    • Size

      200KB

    • MD5

      e4a1c00327046576cd3c3c6168e3f503

    • SHA1

      501e789497a1a2267203ca294898c74f5863dbf8

    • SHA256

      b2bee89ea5be46a0962f4903ac6e4fd0ca707a184dbdb8a6933727cf8fdf09b2

    • SHA512

      f373b8df3518c30a51022140ed6fb418d9025aa6e32f126a079939a6602ebc82b92f56c632d040737b36e096a818bcbdbb867948ffb6d782740ccf048f3707f9

    • SSDEEP

      3072:TGPLAxeBFvBllSvi0jpTTMVJ3REv8UDUSwbc3Wk2I1piCiNEI97atukXiXXoc:TGNBrSvi5Iv8nNo2IzSN3ZIc

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks