Overview

overview

10

Static

static

3

e95d073aff...18.exe

windows7-x64

10

e95d073aff...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e95d073aff907081e40e70a50dcc1f94_JaffaCakes118

  • Size

    181KB

  • Sample

    241213-cjxhaawrcl

  • MD5

    e95d073aff907081e40e70a50dcc1f94

  • SHA1

    79241ada685fd1b3839822402ab787f66eba8943

  • SHA256

    2645b0cd0c35f48bbd041f9ff421082a39c5b6ab476aedc5b567fa81b18756ed

  • SHA512

    18f3928718d7ae3285e982b137a0df87d7e3b4f084f8063e81c7cda3e7c3a6c6da4280dd68d34c3e987cb5fb13f6a5edd4d5e97dd57dffe416f6b522a2ff67a3

  • SSDEEP

    3072:7mAJJqsaaHD1wt6iOB2HQK6Lc0G2GQycOAi5rlv/vvoHMN5cGLJE:aAis3wg2SLWBcOA05v/vveajL

Score
10/10
cycbotbackdoordiscoverypersistenceratspywarestealerupx

Malware Config

Targets

    • Target

      e95d073aff907081e40e70a50dcc1f94_JaffaCakes118

    • Size

      181KB

    • MD5

      e95d073aff907081e40e70a50dcc1f94

    • SHA1

      79241ada685fd1b3839822402ab787f66eba8943

    • SHA256

      2645b0cd0c35f48bbd041f9ff421082a39c5b6ab476aedc5b567fa81b18756ed

    • SHA512

      18f3928718d7ae3285e982b137a0df87d7e3b4f084f8063e81c7cda3e7c3a6c6da4280dd68d34c3e987cb5fb13f6a5edd4d5e97dd57dffe416f6b522a2ff67a3

    • SSDEEP

      3072:7mAJJqsaaHD1wt6iOB2HQK6Lc0G2GQycOAi5rlv/vvoHMN5cGLJE:aAis3wg2SLWBcOA05v/vveajL

    Score
    10/10
    cycbotbackdoordiscoverypersistenceratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks