Overview

overview

10

Static

static

3

VirusShare...0e.exe

windows7-x64

10

VirusShare...0e.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    VirusShare_0041468cec04e095da767bd3ffad910e

  • Size

    181KB

  • Sample

    250111-zphmmsyqbw

  • MD5

    0041468cec04e095da767bd3ffad910e

  • SHA1

    5a6a83a7e43a4b8fe0d76f446c24d9a56acb58ec

  • SHA256

    23c416b6aaf2cc74f15cf5aeba5c273689bcf94341d38b5ed2880f856cdedf1a

  • SHA512

    8e4462169b00c0f53228ff113e9d45825c2d0858a5adf0b56d8bcc411db7192701492ae9f7510f77ab9358dae7848504d7daff1f16b0994833e1fde6bfdae29c

  • SSDEEP

    3072:979cHcYvPbo1hIVgrLZlbDSKQ+Y9nkN4YqgYi8jODMwgqRKf7n3rn:979lYbCeSLbDBQ+Y9Eqgd5gG2

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      VirusShare_0041468cec04e095da767bd3ffad910e

    • Size

      181KB

    • MD5

      0041468cec04e095da767bd3ffad910e

    • SHA1

      5a6a83a7e43a4b8fe0d76f446c24d9a56acb58ec

    • SHA256

      23c416b6aaf2cc74f15cf5aeba5c273689bcf94341d38b5ed2880f856cdedf1a

    • SHA512

      8e4462169b00c0f53228ff113e9d45825c2d0858a5adf0b56d8bcc411db7192701492ae9f7510f77ab9358dae7848504d7daff1f16b0994833e1fde6bfdae29c

    • SSDEEP

      3072:979cHcYvPbo1hIVgrLZlbDSKQ+Y9nkN4YqgYi8jODMwgqRKf7n3rn:979lYbCeSLbDBQ+Y9Eqgd5gG2

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks