Overview

overview

10

Static

static

3

JaffaCakes...c4.exe

windows7-x64

10

JaffaCakes...c4.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_7854f659cee962818055d8e5e068acc4

  • Size

    180KB

  • Sample

    250116-q6qj5stqhp

  • MD5

    7854f659cee962818055d8e5e068acc4

  • SHA1

    708cda3618bbe2d578750a24efac6e7bb07641d7

  • SHA256

    2b9223e59fc80dac2e4d447b8059de000b87743985bb2e9aab8969305e729287

  • SHA512

    ff116f195c4527d13f7368e9bfc2de08b083c722a8f9d0fa0ed131c0b21004050ef7d83f58f40facf676b1fa7ec01f21a89a333c9036b3d3ab841f091ff54a56

  • SSDEEP

    3072:/vox12+nf24ert0IsrgQ8lIdGxblSHepOg6X7VLy7Oo2MXvQVxQUMrxsL9RlM2b:noxR2xZsUlIIzSOOg6X7VLk2MXvAxQUn

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_7854f659cee962818055d8e5e068acc4

    • Size

      180KB

    • MD5

      7854f659cee962818055d8e5e068acc4

    • SHA1

      708cda3618bbe2d578750a24efac6e7bb07641d7

    • SHA256

      2b9223e59fc80dac2e4d447b8059de000b87743985bb2e9aab8969305e729287

    • SHA512

      ff116f195c4527d13f7368e9bfc2de08b083c722a8f9d0fa0ed131c0b21004050ef7d83f58f40facf676b1fa7ec01f21a89a333c9036b3d3ab841f091ff54a56

    • SSDEEP

      3072:/vox12+nf24ert0IsrgQ8lIdGxblSHepOg6X7VLy7Oo2MXvQVxQUMrxsL9RlM2b:noxR2xZsUlIIzSOOg6X7VLk2MXvAxQUn

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks