Overview

overview

10

Static

static

3

JaffaCakes...a9.exe

windows7-x64

10

JaffaCakes...a9.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_6639fa0885d54dc9252cf464b20123a9

  • Size

    174KB

  • Sample

    250116-a42avstndp

  • MD5

    6639fa0885d54dc9252cf464b20123a9

  • SHA1

    86f7e226a3822d159c0f53cbbedfbe55aa782cf9

  • SHA256

    ae82c4ac053704655dfa7738cbf5f918de8306e58e69df6dbc8f966b35d334be

  • SHA512

    564de79a59841ef0180f2efbc25650eb848701c4783b8b92f97a5bdf0c6e0373c017b6de8d174f291b29187b3c981eb3c3c166b88ba959b817b296a3d48b2c4f

  • SSDEEP

    3072:UaPhJ87gsFnHrgXECBgFk65vYwAIZocsX8LjEk77udf6W6tTEZ8:bhJ8XFnLgXKFxHNojgjTYf6WYO

Score
10/10
cycbotbackdoordiscoverypersistenceratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_6639fa0885d54dc9252cf464b20123a9

    • Size

      174KB

    • MD5

      6639fa0885d54dc9252cf464b20123a9

    • SHA1

      86f7e226a3822d159c0f53cbbedfbe55aa782cf9

    • SHA256

      ae82c4ac053704655dfa7738cbf5f918de8306e58e69df6dbc8f966b35d334be

    • SHA512

      564de79a59841ef0180f2efbc25650eb848701c4783b8b92f97a5bdf0c6e0373c017b6de8d174f291b29187b3c981eb3c3c166b88ba959b817b296a3d48b2c4f

    • SSDEEP

      3072:UaPhJ87gsFnHrgXECBgFk65vYwAIZocsX8LjEk77udf6W6tTEZ8:bhJ8XFnLgXKFxHNojgjTYf6WYO

    Score
    10/10
    cycbotbackdoordiscoverypersistenceratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks