Overview

overview

10

Static

static

3

JaffaCakes...97.exe

windows7-x64

10

JaffaCakes...97.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_7ac1b03b40158d3e3782a006f6043797

  • Size

    179KB

  • Sample

    250116-s2eyysxjgw

  • MD5

    7ac1b03b40158d3e3782a006f6043797

  • SHA1

    87b8f8330b7ae62aa1f9d95ce9182250433c842f

  • SHA256

    1f86686519bac4f9f8c01c709216ba4c4f94c822ca9ab1427020380bf43c97d7

  • SHA512

    0027742a4e551df2de9a9981c5c69870efa100ca1322ebef1f5bff74a6710ba7b0fe6f04cb44a1fe1fdcde484d0071bc8cb15665be2cb8c65060ef2aa2081b17

  • SSDEEP

    3072:+wP76BUPyge7lX59MortIBZntRmOTc1uHmfGqsg0oXGrSk1KEysVbzv:+tGPyRcoUjTc1amfov11ZysVT

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_7ac1b03b40158d3e3782a006f6043797

    • Size

      179KB

    • MD5

      7ac1b03b40158d3e3782a006f6043797

    • SHA1

      87b8f8330b7ae62aa1f9d95ce9182250433c842f

    • SHA256

      1f86686519bac4f9f8c01c709216ba4c4f94c822ca9ab1427020380bf43c97d7

    • SHA512

      0027742a4e551df2de9a9981c5c69870efa100ca1322ebef1f5bff74a6710ba7b0fe6f04cb44a1fe1fdcde484d0071bc8cb15665be2cb8c65060ef2aa2081b17

    • SSDEEP

      3072:+wP76BUPyge7lX59MortIBZntRmOTc1uHmfGqsg0oXGrSk1KEysVbzv:+tGPyRcoUjTc1amfov11ZysVT

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks