Overview

overview

10

Static

static

3

f9fac6949f...18.exe

windows7-x64

10

f9fac6949f...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f9fac6949fee882cd1ed1a0a2f9e4751_JaffaCakes118

  • Size

    204KB

  • Sample

    241218-edz3bstkap

  • MD5

    f9fac6949fee882cd1ed1a0a2f9e4751

  • SHA1

    816997c66473f7bd37aa58a56f233b4eb5992ba2

  • SHA256

    e2ead13305860473457e83aff6e6bca3174550c0b083da77a84088b19b1f7048

  • SHA512

    642bd5609b11990c97442f2cc039eb052cb33c54f59de8b6e915cc264add735dd7c5d3d20231518cb59219f1d634c7fc97f55034c53031f88a016bf7ea465643

  • SSDEEP

    6144:4WPB2ADacX/5u6AMxFy6N2Sb0+PZew5W9:dPkADacUTMxFy6lQoA9

Score
10/10
cycbotbackdoordiscoverypersistenceratspywarestealerupx

Malware Config

Targets

    • Target

      f9fac6949fee882cd1ed1a0a2f9e4751_JaffaCakes118

    • Size

      204KB

    • MD5

      f9fac6949fee882cd1ed1a0a2f9e4751

    • SHA1

      816997c66473f7bd37aa58a56f233b4eb5992ba2

    • SHA256

      e2ead13305860473457e83aff6e6bca3174550c0b083da77a84088b19b1f7048

    • SHA512

      642bd5609b11990c97442f2cc039eb052cb33c54f59de8b6e915cc264add735dd7c5d3d20231518cb59219f1d634c7fc97f55034c53031f88a016bf7ea465643

    • SSDEEP

      6144:4WPB2ADacX/5u6AMxFy6N2Sb0+PZew5W9:dPkADacUTMxFy6lQoA9

    Score
    10/10
    cycbotbackdoordiscoverypersistenceratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks