General

  • Target

    JaffaCakes118_aa535764688f0ed048c7ea1c6ef2a6cb

  • Size

    183KB

  • Sample

    250118-p48ghatmcs

  • MD5

    aa535764688f0ed048c7ea1c6ef2a6cb

  • SHA1

    35eb24d1e3240f1ffa91840c997eb97a3e705842

  • SHA256

    69d4cff0a2685bad42ec9ea57c2ac4a9f03f1fd8acff789994997b7ec4445a8d

  • SHA512

    623a75012820a473aa1025379856f1f8b8a07f6080334d157840081c73f4b5d3bb70675929f982053921887c10687b6eae43d3d23293dd17ec7793f999e36af2

  • SSDEEP

    3072:yPyKEJRh5WQTQ+3zj5SaOa9x2dPc4V7BHkODYG3e0uibNL0HsTADJR9mfOzS5KS+:iy59Tx3pbOa9wz7uODYL0BNLC/Fnwh+t

Malware Config

Targets

    • Cycbot

      Cycbot is a backdoor and trojan written in C++.

    • Cycbot family

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks