Overview

overview

10

Static

static

3

JaffaCakes...54.exe

windows7-x64

10

JaffaCakes...54.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_44cc3c802fd02f134929bc18c79c5b54

  • Size

    185KB

  • Sample

    250114-y8tnks1lbr

  • MD5

    44cc3c802fd02f134929bc18c79c5b54

  • SHA1

    4b02948c1f2ef73a71aa7212649b8aa4a50cf0b3

  • SHA256

    13b5f15799beedb19ebbaebda1e2907f3736be18d2f8f328ffbe3f4ea056450b

  • SHA512

    baf9cc73843d92070ec0e191714cd12ba26318b1e59f81eb09063c6bbd907ed254aaf1d5265b8ac1fc219d7936fa94bea1b894b5add2c2c40d641729d50224d6

  • SSDEEP

    3072:pGSyJii04Cjd9nRARiyiHBLilOPAys0CXAORDQNA8RISOJ4OyDeMhCtZ18/fLe0p:pGSti04GR6iL4byLtOsQSEDySMKZ18bx

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_44cc3c802fd02f134929bc18c79c5b54

    • Size

      185KB

    • MD5

      44cc3c802fd02f134929bc18c79c5b54

    • SHA1

      4b02948c1f2ef73a71aa7212649b8aa4a50cf0b3

    • SHA256

      13b5f15799beedb19ebbaebda1e2907f3736be18d2f8f328ffbe3f4ea056450b

    • SHA512

      baf9cc73843d92070ec0e191714cd12ba26318b1e59f81eb09063c6bbd907ed254aaf1d5265b8ac1fc219d7936fa94bea1b894b5add2c2c40d641729d50224d6

    • SSDEEP

      3072:pGSyJii04Cjd9nRARiyiHBLilOPAys0CXAORDQNA8RISOJ4OyDeMhCtZ18/fLe0p:pGSti04GR6iL4byLtOsQSEDySMKZ18bx

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks