Overview

overview

10

Static

static

3

JaffaCakes...83.exe

windows7-x64

10

JaffaCakes...83.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_7ab5c7d03341e191b6e3bedad1cd9083

  • Size

    185KB

  • Sample

    250104-t5n7gaxnew

  • MD5

    7ab5c7d03341e191b6e3bedad1cd9083

  • SHA1

    e20ef03123d56e2b9f3a2e242a1433c024a495de

  • SHA256

    7067387ab1858bd5f412ca66ac3f6a6d1ff0b26639b276479dd2d255484db4a6

  • SHA512

    ad22b0d1c57693cb1c4ba2661d82de670c17df09b75a63add7f538aa513f967b355e79769f309850043891168a707d6a8c238884d2e9b1907f4916fa083e6621

  • SSDEEP

    3072:ulDOnvgim3zDYBynZGyxdHXUm/mF67ODWgG97Oker6L0INKKa2oPpaNi/nx1op:qb3PznsYXUmuI7rhZ4Gq2gcNanIp

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_7ab5c7d03341e191b6e3bedad1cd9083

    • Size

      185KB

    • MD5

      7ab5c7d03341e191b6e3bedad1cd9083

    • SHA1

      e20ef03123d56e2b9f3a2e242a1433c024a495de

    • SHA256

      7067387ab1858bd5f412ca66ac3f6a6d1ff0b26639b276479dd2d255484db4a6

    • SHA512

      ad22b0d1c57693cb1c4ba2661d82de670c17df09b75a63add7f538aa513f967b355e79769f309850043891168a707d6a8c238884d2e9b1907f4916fa083e6621

    • SSDEEP

      3072:ulDOnvgim3zDYBynZGyxdHXUm/mF67ODWgG97Oker6L0INKKa2oPpaNi/nx1op:qb3PznsYXUmuI7rhZ4Gq2gcNanIp

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks