Overview

overview

10

Static

static

3

JaffaCakes...95.exe

windows7-x64

10

JaffaCakes...95.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_8c39ef4c2f9312349b98cf54f973c695

  • Size

    163KB

  • Sample

    250117-p3284axrcz

  • MD5

    8c39ef4c2f9312349b98cf54f973c695

  • SHA1

    f5a539f5f23b4e0de3d3d0a669d650d3c0906e53

  • SHA256

    71dcd24da257c7bb0873fd9c276b7a463c9b85429589a338ae2e28787ae378c7

  • SHA512

    31222a884abb443cc449bd03d0a4c4987e23cee7c4a909f724acd9103d5b0acf696a855574761872a8ffe910343912ff41019f0baabf09488417c7351d48f520

  • SSDEEP

    3072:VE7bLMhkEUXRTAMszsW6tmfc67cW6troxFKjs5quCwuHT8dL7srl1WzlR9F3:VE7bLMCTAMsJjfP76B24A5q/HYdL7sJk

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_8c39ef4c2f9312349b98cf54f973c695

    • Size

      163KB

    • MD5

      8c39ef4c2f9312349b98cf54f973c695

    • SHA1

      f5a539f5f23b4e0de3d3d0a669d650d3c0906e53

    • SHA256

      71dcd24da257c7bb0873fd9c276b7a463c9b85429589a338ae2e28787ae378c7

    • SHA512

      31222a884abb443cc449bd03d0a4c4987e23cee7c4a909f724acd9103d5b0acf696a855574761872a8ffe910343912ff41019f0baabf09488417c7351d48f520

    • SSDEEP

      3072:VE7bLMhkEUXRTAMszsW6tmfc67cW6troxFKjs5quCwuHT8dL7srl1WzlR9F3:VE7bLMCTAMsJjfP76B24A5q/HYdL7sJk

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks