Overview

overview

10

Static

static

3

fe56ad696b...18.exe

windows7-x64

10

fe56ad696b...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fe56ad696b022ec13cf5576f16184c94_JaffaCakes118

  • Size

    211KB

  • Sample

    241219-egldcaxngr

  • MD5

    fe56ad696b022ec13cf5576f16184c94

  • SHA1

    8d14e7689b832ac41bfdc87b7fc13949b214dce8

  • SHA256

    6b6e85072317a2d8c3e02dae8ab7f5ab34cdf07c65f671a598fba7fde1b024bf

  • SHA512

    c4bac6c45d0216dcbd86e6a64c59fd76a427d136860e06d8e3d4f0bc3e44159a187254a48cb6f82e0fadd22cecd648f5d3a8f39c5ca5e563d2d005a3446bc89a

  • SSDEEP

    3072:AyTRWCQCOeXJYc4QlbR8dgkRKed/WTpt04thQhUyJHJtMRZKZDPN:FWCFOLSlbR8dXRKedOTptOh1JrM7c

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      fe56ad696b022ec13cf5576f16184c94_JaffaCakes118

    • Size

      211KB

    • MD5

      fe56ad696b022ec13cf5576f16184c94

    • SHA1

      8d14e7689b832ac41bfdc87b7fc13949b214dce8

    • SHA256

      6b6e85072317a2d8c3e02dae8ab7f5ab34cdf07c65f671a598fba7fde1b024bf

    • SHA512

      c4bac6c45d0216dcbd86e6a64c59fd76a427d136860e06d8e3d4f0bc3e44159a187254a48cb6f82e0fadd22cecd648f5d3a8f39c5ca5e563d2d005a3446bc89a

    • SSDEEP

      3072:AyTRWCQCOeXJYc4QlbR8dgkRKed/WTpt04thQhUyJHJtMRZKZDPN:FWCFOLSlbR8dXRKedOTptOh1JrM7c

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks