General

  • Target

    JaffaCakes118_13ec9f74136163bc789c03b4775279b1

  • Size

    172KB

  • Sample

    250112-vpp99stmdq

  • MD5

    13ec9f74136163bc789c03b4775279b1

  • SHA1

    830037f95747e811939c7c7f888206951cea528d

  • SHA256

    2d03e9296ce51f5b615ca909b6b25b8b15b545408853a8e9e0d9937b3ddb63bb

  • SHA512

    a719265fccdcff56ae726e6d3ebd2939cb4c094037bd6fe326aed1a27bab47a554cc5cdebabed318b075a04675aa73012e787e2efe338ba054cb016d4fde8835

  • SSDEEP

    3072:Ju8M2vpUDCPApvoIetzmQE37wNAa1hVpDbPS0s+fSfeuYD11FTRbzk5a+LUzy:JumKvtgGrwN/FbK0KfsD11FTR/kAN

Malware Config

Targets

    • Target

      JaffaCakes118_13ec9f74136163bc789c03b4775279b1

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks