Overview

overview

10

Static

static

3

JaffaCakes...0e.exe

windows7-x64

10

JaffaCakes...0e.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_8eee5c64b1b9c5812f10813f18482b0e

  • Size

    197KB

  • Sample

    250117-sal8yssmcz

  • MD5

    8eee5c64b1b9c5812f10813f18482b0e

  • SHA1

    37061d0f7854d8ea4da82fae57259220d443d453

  • SHA256

    ae89bed5c5051ef02e35aaede2e74ff99bed356c0d578a87c986b7365f5cdc49

  • SHA512

    fffc94eb55e5d98aad2f7053d2e6cc0b094103595622506157684b4d17ca6299e14908dd36f787a7db9bf22ebd38a24b0993d77588ed2450860627ff8afb18c7

  • SSDEEP

    6144:pC/kZEMoZ9tuFlo4E5ywAFbc3QcctEg2wBw:A/cEN9wo4CBAFbiDK2wa

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_8eee5c64b1b9c5812f10813f18482b0e

    • Size

      197KB

    • MD5

      8eee5c64b1b9c5812f10813f18482b0e

    • SHA1

      37061d0f7854d8ea4da82fae57259220d443d453

    • SHA256

      ae89bed5c5051ef02e35aaede2e74ff99bed356c0d578a87c986b7365f5cdc49

    • SHA512

      fffc94eb55e5d98aad2f7053d2e6cc0b094103595622506157684b4d17ca6299e14908dd36f787a7db9bf22ebd38a24b0993d77588ed2450860627ff8afb18c7

    • SSDEEP

      6144:pC/kZEMoZ9tuFlo4E5ywAFbc3QcctEg2wBw:A/cEN9wo4CBAFbiDK2wa

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks