Overview

overview

10

Static

static

3

f5ea747b59...18.exe

windows7-x64

10

f5ea747b59...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f5ea747b59f5a47ee3b1c5304271e33b_JaffaCakes118

  • Size

    182KB

  • Sample

    241215-1v1wvaynax

  • MD5

    f5ea747b59f5a47ee3b1c5304271e33b

  • SHA1

    62f8c204d039daea9b1c36a1b670eb087aa8836f

  • SHA256

    67ee9ec147c8b9f26af0b0b992d20a4f75d1856b9378f67015085dd03d8d2c2f

  • SHA512

    cff7346f5ee549685a84cd347e04aad0b1948d8a8372f1bb922b83f7a7124c9b51f12c8b2161496137d077dc269221f1b6708b69e0ae6bcd0ebb1d150412bf38

  • SSDEEP

    3072:+tRsWUUljM0H76m9osI/DUjLSf8GSHZ9ONQZEnZ0uWL1X/sWQoMoMwyIIWceWjUP:+bsGlY06mGsIUG8BHzOaZ4paXJQRz9r2

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      f5ea747b59f5a47ee3b1c5304271e33b_JaffaCakes118

    • Size

      182KB

    • MD5

      f5ea747b59f5a47ee3b1c5304271e33b

    • SHA1

      62f8c204d039daea9b1c36a1b670eb087aa8836f

    • SHA256

      67ee9ec147c8b9f26af0b0b992d20a4f75d1856b9378f67015085dd03d8d2c2f

    • SHA512

      cff7346f5ee549685a84cd347e04aad0b1948d8a8372f1bb922b83f7a7124c9b51f12c8b2161496137d077dc269221f1b6708b69e0ae6bcd0ebb1d150412bf38

    • SSDEEP

      3072:+tRsWUUljM0H76m9osI/DUjLSf8GSHZ9ONQZEnZ0uWL1X/sWQoMoMwyIIWceWjUP:+bsGlY06mGsIUG8BHzOaZ4paXJQRz9r2

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks