Overview

overview

10

Static

static

3

JaffaCakes...45.exe

windows7-x64

10

JaffaCakes...45.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_a0d0a811e95c1520ae41e3b783b56245

  • Size

    184KB

  • Sample

    250118-f7aj7strcx

  • MD5

    a0d0a811e95c1520ae41e3b783b56245

  • SHA1

    c968c2f2e7bcf8e8b747860b5dd165d76c50c69d

  • SHA256

    1470e4f143dfbdc0c767131f337d42ff623ab460f8c92c27970310fb24d4f408

  • SHA512

    3a0b20e02fcd20fdc34eedbe2c9df701634ef04cffb56d2db4bbad0c895aedf01b40d6821fd7e23fcffed5573a36050bf5ef581eec9736601fe4964d38a6edbd

  • SSDEEP

    3072:SLIsfb/xwle6EZN62KFGmKsssbNO3vKYm7gz3ClPiG9TEijYcK8fYVLKIitoaW/P:SLRdWeb7vqGPssENO/KY58iqnG8YLetU

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_a0d0a811e95c1520ae41e3b783b56245

    • Size

      184KB

    • MD5

      a0d0a811e95c1520ae41e3b783b56245

    • SHA1

      c968c2f2e7bcf8e8b747860b5dd165d76c50c69d

    • SHA256

      1470e4f143dfbdc0c767131f337d42ff623ab460f8c92c27970310fb24d4f408

    • SHA512

      3a0b20e02fcd20fdc34eedbe2c9df701634ef04cffb56d2db4bbad0c895aedf01b40d6821fd7e23fcffed5573a36050bf5ef581eec9736601fe4964d38a6edbd

    • SSDEEP

      3072:SLIsfb/xwle6EZN62KFGmKsssbNO3vKYm7gz3ClPiG9TEijYcK8fYVLKIitoaW/P:SLRdWeb7vqGPssENO/KY58iqnG8YLetU

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks