Overview

overview

10

Static

static

3

f5da2590e5...18.exe

windows7-x64

10

f5da2590e5...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f5da2590e5938d982c22eab6a5f6d185_JaffaCakes118

  • Size

    182KB

  • Sample

    241215-1jsfbsxrdy

  • MD5

    f5da2590e5938d982c22eab6a5f6d185

  • SHA1

    42fe806f5872d9816bc16c0ee44e745d41581e11

  • SHA256

    9cdba55daeb92f0de2e841554171327576790cd52b265fa27d77191045aa5647

  • SHA512

    f955ec401d6207b351107abba984d0da8c0cf9c9f0327a900ff53424f3b8331ee811425aca171c3118c515c726d05bb53c408430c76a58e27770853367e1e8af

  • SSDEEP

    3072:CIh75WqHtNw8OC7/GWPcZDpjwN/0D0gjqE8NE5Ulx6Mi/pY8Efd:jtRNNwE/GRnjq/c0gjKE6lx6px7

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      f5da2590e5938d982c22eab6a5f6d185_JaffaCakes118

    • Size

      182KB

    • MD5

      f5da2590e5938d982c22eab6a5f6d185

    • SHA1

      42fe806f5872d9816bc16c0ee44e745d41581e11

    • SHA256

      9cdba55daeb92f0de2e841554171327576790cd52b265fa27d77191045aa5647

    • SHA512

      f955ec401d6207b351107abba984d0da8c0cf9c9f0327a900ff53424f3b8331ee811425aca171c3118c515c726d05bb53c408430c76a58e27770853367e1e8af

    • SSDEEP

      3072:CIh75WqHtNw8OC7/GWPcZDpjwN/0D0gjqE8NE5Ulx6Mi/pY8Efd:jtRNNwE/GRnjq/c0gjKE6lx6px7

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks