Overview

overview

10

Static

static

3

eb1ccf55e4...18.exe

windows7-x64

10

eb1ccf55e4...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eb1ccf55e4d2eca9b18950de56f73d5b_JaffaCakes118

  • Size

    189KB

  • Sample

    241213-mpjtgswjb1

  • MD5

    eb1ccf55e4d2eca9b18950de56f73d5b

  • SHA1

    24e922a33d7633cb5ca663e369c6a91c07fb1666

  • SHA256

    b3b28e866c281dfcc5c59976b95544659444b019a40e2693f4eec210c983884f

  • SHA512

    15b84f9421a645db2f282f81c7c23b2a2480301a0dc5df04da7cc2204a8048945ce5e1fa9932a75306ba416e885f3dc299e09cce1334eaefb2ce8c4146d1f190

  • SSDEEP

    3072:J00TiApT0yjqipyte+aJvlcSpQt1V1bjhiCnSWFuVLKV623FC72Ku1ciGE8c:J00XBNyETJtdiF1bjhimSNLKV621C72k

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      eb1ccf55e4d2eca9b18950de56f73d5b_JaffaCakes118

    • Size

      189KB

    • MD5

      eb1ccf55e4d2eca9b18950de56f73d5b

    • SHA1

      24e922a33d7633cb5ca663e369c6a91c07fb1666

    • SHA256

      b3b28e866c281dfcc5c59976b95544659444b019a40e2693f4eec210c983884f

    • SHA512

      15b84f9421a645db2f282f81c7c23b2a2480301a0dc5df04da7cc2204a8048945ce5e1fa9932a75306ba416e885f3dc299e09cce1334eaefb2ce8c4146d1f190

    • SSDEEP

      3072:J00TiApT0yjqipyte+aJvlcSpQt1V1bjhiCnSWFuVLKV623FC72Ku1ciGE8c:J00XBNyETJtdiF1bjhimSNLKV621C72k

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks