Overview

overview

10

Static

static

3

JaffaCakes...7b.exe

windows7-x64

10

JaffaCakes...7b.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_4a762d202e32f366c77523604120df7b

  • Size

    178KB

  • Sample

    250115-ckyfzayqhl

  • MD5

    4a762d202e32f366c77523604120df7b

  • SHA1

    6ed198914478446eee2053a6ff92bb225e101a55

  • SHA256

    6ea4f3e71b83f6c6dcaf84b8d628ffe51c83ed17b66bea2807bae60bc08cb630

  • SHA512

    204d5eb249cb97d7cb3095b289f55e13496db05d22d22ccda3ee661ab14757f0adb9ad67cba2250c3cf480f6c78a43a8992fbb83964d1d8583e2b0041a45c231

  • SSDEEP

    3072:6RVdPpjP1C8U8lGx/I1nMqcCS3Je2EtniT922oQVFqxgDMlCY:kZpJDd0X33SiT922oWYxgD4

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_4a762d202e32f366c77523604120df7b

    • Size

      178KB

    • MD5

      4a762d202e32f366c77523604120df7b

    • SHA1

      6ed198914478446eee2053a6ff92bb225e101a55

    • SHA256

      6ea4f3e71b83f6c6dcaf84b8d628ffe51c83ed17b66bea2807bae60bc08cb630

    • SHA512

      204d5eb249cb97d7cb3095b289f55e13496db05d22d22ccda3ee661ab14757f0adb9ad67cba2250c3cf480f6c78a43a8992fbb83964d1d8583e2b0041a45c231

    • SSDEEP

      3072:6RVdPpjP1C8U8lGx/I1nMqcCS3Je2EtniT922oQVFqxgDMlCY:kZpJDd0X33SiT922oWYxgD4

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks