Overview

overview

10

Static

static

3

JaffaCakes...98.exe

windows7-x64

10

JaffaCakes...98.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_62bb40d3189dd88c1686013bb40a4c98

  • Size

    202KB

  • Sample

    250115-1mb8hswkfv

  • MD5

    62bb40d3189dd88c1686013bb40a4c98

  • SHA1

    9ae8a631a162ea514f3e397c806b43781bc7124f

  • SHA256

    4c0045013059f3870dbb5e2431ddf6a699249b9f2275f9d9ca8fdd02ecefbcc0

  • SHA512

    c2956d0e35011cd0d34502285b547f787a49c2ffe42f745b522d4ed89e45a4c368c5000f19aabeb22574af9c2564c580b253753bfda8d3a4910e3c78cfd88f88

  • SSDEEP

    3072:4CJHLdOXtyeHen1Kqix4N/aWFqkFmhmJZ4uySwhH5j13fXNLpYR//ohwwfYmk09l:xHLycnJP5q/MyXhH7l2//oBY2DmFU

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_62bb40d3189dd88c1686013bb40a4c98

    • Size

      202KB

    • MD5

      62bb40d3189dd88c1686013bb40a4c98

    • SHA1

      9ae8a631a162ea514f3e397c806b43781bc7124f

    • SHA256

      4c0045013059f3870dbb5e2431ddf6a699249b9f2275f9d9ca8fdd02ecefbcc0

    • SHA512

      c2956d0e35011cd0d34502285b547f787a49c2ffe42f745b522d4ed89e45a4c368c5000f19aabeb22574af9c2564c580b253753bfda8d3a4910e3c78cfd88f88

    • SSDEEP

      3072:4CJHLdOXtyeHen1Kqix4N/aWFqkFmhmJZ4uySwhH5j13fXNLpYR//ohwwfYmk09l:xHLycnJP5q/MyXhH7l2//oBY2DmFU

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks