Overview

overview

10

Static

static

3

f36988e4e6...18.exe

windows7-x64

10

f36988e4e6...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f36988e4e6bc154cd7c50bd676fd9367_JaffaCakes118

  • Size

    182KB

  • Sample

    241215-lp71mssker

  • MD5

    f36988e4e6bc154cd7c50bd676fd9367

  • SHA1

    62451b9e26c6726f4a195a957db8cedbf3fbc24c

  • SHA256

    4ac1b05fb39c6287a4052cd50b395be75daac09c1521fa9906ba9e2836a983aa

  • SHA512

    0f55c1118b19dcea353aee53c950a68c0c0a9254ff1b57f50af8cdfb98da5517257652f4aacb7c08299432094370a3c8b50a71b2a28abcc59090498348d0ebf9

  • SSDEEP

    3072:u18M5zt8ciNzA8iCKKNBkU/L/SR2DnoYc/Uv0ekN+bzbva:u1RENz7nAKa+noYcBxsz

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      f36988e4e6bc154cd7c50bd676fd9367_JaffaCakes118

    • Size

      182KB

    • MD5

      f36988e4e6bc154cd7c50bd676fd9367

    • SHA1

      62451b9e26c6726f4a195a957db8cedbf3fbc24c

    • SHA256

      4ac1b05fb39c6287a4052cd50b395be75daac09c1521fa9906ba9e2836a983aa

    • SHA512

      0f55c1118b19dcea353aee53c950a68c0c0a9254ff1b57f50af8cdfb98da5517257652f4aacb7c08299432094370a3c8b50a71b2a28abcc59090498348d0ebf9

    • SSDEEP

      3072:u18M5zt8ciNzA8iCKKNBkU/L/SR2DnoYc/Uv0ekN+bzbva:u1RENz7nAKa+noYcBxsz

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks