Overview

overview

10

Static

static

3

fc809c5c40...18.exe

windows7-x64

10

fc809c5c40...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fc809c5c40877d5b5dcfc41eea8c2d43_JaffaCakes118

  • Size

    167KB

  • Sample

    241218-v8my9awpgz

  • MD5

    fc809c5c40877d5b5dcfc41eea8c2d43

  • SHA1

    d7599868b258d075f6ca67789384344f0163ec5b

  • SHA256

    a5b4361301232316b5305d050be378f72bdc38df20690327fd5068a69770de3d

  • SHA512

    2f27e97882c5c82edc2cac6e779cb410b01a57b62fd9b828746d3a873995ca06232772fcba3b65d53128381fee771db22a28d1b3fdbf1365d21db6b7fd614ead

  • SSDEEP

    3072:6TxfKkImHxP14hf/ICluxM4VTXcHKsJmnJ85GMf+b4676nVT/MC:kNPIkxNof/ImkDVSJSJ8595VT/

Score
10/10
cycbotbackdoordiscoverypersistenceratspywarestealerupx

Malware Config

Targets

    • Target

      fc809c5c40877d5b5dcfc41eea8c2d43_JaffaCakes118

    • Size

      167KB

    • MD5

      fc809c5c40877d5b5dcfc41eea8c2d43

    • SHA1

      d7599868b258d075f6ca67789384344f0163ec5b

    • SHA256

      a5b4361301232316b5305d050be378f72bdc38df20690327fd5068a69770de3d

    • SHA512

      2f27e97882c5c82edc2cac6e779cb410b01a57b62fd9b828746d3a873995ca06232772fcba3b65d53128381fee771db22a28d1b3fdbf1365d21db6b7fd614ead

    • SSDEEP

      3072:6TxfKkImHxP14hf/ICluxM4VTXcHKsJmnJ85GMf+b4676nVT/MC:kNPIkxNof/ImkDVSJSJ8595VT/

    Score
    10/10
    cycbotbackdoordiscoverypersistenceratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks