Overview

overview

10

Static

static

3

6723e2105e...dN.exe

windows7-x64

10

6723e2105e...dN.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6723e2105e8f015634d802495b04e871bdacacb08faa0faf68eda0bb235b565dN.exe

  • Size

    164KB

  • Sample

    241222-nppkeawnhw

  • MD5

    ff03531ad8c83399ce5fc9f96c883e70

  • SHA1

    ccf7eb9e44bb5b95f732c4dcef87760ded5184cd

  • SHA256

    6723e2105e8f015634d802495b04e871bdacacb08faa0faf68eda0bb235b565d

  • SHA512

    0e806b078053fb3e76fe87ab5c52d270ba3d27307bedb28cb6f5684c1d04fc504e155a1811bcc6910cadb0e1f98cb753bceaa54d6e023e6de3cdb94bc30b59b6

  • SSDEEP

    3072:Nq2QaPFCJm5y/MC/ikf4jNDAL0nAftn6s4GAS:NJPF7kMCfM1AeAft6L

Score
10/10
cycbotbackdoordiscoverypersistenceratspywarestealerupx

Malware Config

Targets

    • Target

      6723e2105e8f015634d802495b04e871bdacacb08faa0faf68eda0bb235b565dN.exe

    • Size

      164KB

    • MD5

      ff03531ad8c83399ce5fc9f96c883e70

    • SHA1

      ccf7eb9e44bb5b95f732c4dcef87760ded5184cd

    • SHA256

      6723e2105e8f015634d802495b04e871bdacacb08faa0faf68eda0bb235b565d

    • SHA512

      0e806b078053fb3e76fe87ab5c52d270ba3d27307bedb28cb6f5684c1d04fc504e155a1811bcc6910cadb0e1f98cb753bceaa54d6e023e6de3cdb94bc30b59b6

    • SSDEEP

      3072:Nq2QaPFCJm5y/MC/ikf4jNDAL0nAftn6s4GAS:NJPF7kMCfM1AeAft6L

    Score
    10/10
    cycbotbackdoordiscoverypersistenceratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks