Overview

overview

10

Static

static

3

JaffaCakes...d6.exe

windows7-x64

10

JaffaCakes...d6.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_7b5557d1ef9d23f7a92c8fae30f024d6

  • Size

    178KB

  • Sample

    250116-tg4x1syndk

  • MD5

    7b5557d1ef9d23f7a92c8fae30f024d6

  • SHA1

    1fbcdaa529c102aead38396384207483b86e285a

  • SHA256

    61dad02174f7b9e1cd30002b40b4bcb601759c188d88535f444b42dfbdc252e5

  • SHA512

    be2c018d25795a7377548fe40e0767b0ad1fa3262d2da14af57e9b5416c6b36ea6756eb20e8ad74f02c27dd38846aa60b6c4113d491b88150fe30cb5c1b48d05

  • SSDEEP

    3072:3/VFEi0NYnMNzaWX8fwqLm94ZcgxCCPBn661/UU5GtIp2Qj7EAp0NN:vHub9wrLmM7xCCR91/lGlQHDp0N

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_7b5557d1ef9d23f7a92c8fae30f024d6

    • Size

      178KB

    • MD5

      7b5557d1ef9d23f7a92c8fae30f024d6

    • SHA1

      1fbcdaa529c102aead38396384207483b86e285a

    • SHA256

      61dad02174f7b9e1cd30002b40b4bcb601759c188d88535f444b42dfbdc252e5

    • SHA512

      be2c018d25795a7377548fe40e0767b0ad1fa3262d2da14af57e9b5416c6b36ea6756eb20e8ad74f02c27dd38846aa60b6c4113d491b88150fe30cb5c1b48d05

    • SSDEEP

      3072:3/VFEi0NYnMNzaWX8fwqLm94ZcgxCCPBn661/UU5GtIp2Qj7EAp0NN:vHub9wrLmM7xCCR91/lGlQHDp0N

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks