Overview

overview

10

Static

static

3

ffed977c76...18.exe

windows7-x64

10

ffed977c76...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ffed977c76f042fccb3ae104a60e55c3_JaffaCakes118

  • Size

    178KB

  • Sample

    241219-vv261sxkan

  • MD5

    ffed977c76f042fccb3ae104a60e55c3

  • SHA1

    361189ae98d921bc53fe585ecda4c07b9152474e

  • SHA256

    92824d639e6d56922ebe05235329dabcb3b96a82dd7950dc01b787511b85c010

  • SHA512

    062fca573be024b724eaf6d0a1a455234de3417b774e837ddfcc6c42cd10aeed22067a76dcf718ed42dd68f037b174b159a1168aac3ea53c217168cbb7842ac4

  • SSDEEP

    3072:Sd+8HtiltxypIcQV96ERNfXDZxcrazq0V0PBEq0fhjByNiazwqTEkbuZVQwwLfug:o+itiltkpIcC6E3fXlOpwISByNiQzTE+

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      ffed977c76f042fccb3ae104a60e55c3_JaffaCakes118

    • Size

      178KB

    • MD5

      ffed977c76f042fccb3ae104a60e55c3

    • SHA1

      361189ae98d921bc53fe585ecda4c07b9152474e

    • SHA256

      92824d639e6d56922ebe05235329dabcb3b96a82dd7950dc01b787511b85c010

    • SHA512

      062fca573be024b724eaf6d0a1a455234de3417b774e837ddfcc6c42cd10aeed22067a76dcf718ed42dd68f037b174b159a1168aac3ea53c217168cbb7842ac4

    • SSDEEP

      3072:Sd+8HtiltxypIcQV96ERNfXDZxcrazq0V0PBEq0fhjByNiazwqTEkbuZVQwwLfug:o+itiltkpIcC6E3fXlOpwISByNiQzTE+

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks