Overview

overview

10

Static

static

3

JaffaCakes...3f.exe

windows7-x64

10

JaffaCakes...3f.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_ac6d46dcab8ed7ade415d90164052f3f

  • Size

    201KB

  • Sample

    250118-rxnjvswjct

  • MD5

    ac6d46dcab8ed7ade415d90164052f3f

  • SHA1

    a50d1513929b2a9c4680b299a79ea7b289750bd7

  • SHA256

    4cd60a760c2138cc50abf6f8d8aac362c26e50be1468b531a61cb18d4ab97274

  • SHA512

    c08669fe1aeb4dd15c5e291bb7ad14808a7690141df3b1faa273de30b58548a085109ffb9b7017f0f225ade7783250b447b26c6a143c724c917cf32202f4ae50

  • SSDEEP

    3072:ptZBDetdPfnhv7o4CbWnHcU3zbjgUznaBVrEOKQz6Mq3TlMg2agNFGvynNE1HJSg:ptZBDebfnhjJfDgUzSEetg2agKveUQF

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_ac6d46dcab8ed7ade415d90164052f3f

    • Size

      201KB

    • MD5

      ac6d46dcab8ed7ade415d90164052f3f

    • SHA1

      a50d1513929b2a9c4680b299a79ea7b289750bd7

    • SHA256

      4cd60a760c2138cc50abf6f8d8aac362c26e50be1468b531a61cb18d4ab97274

    • SHA512

      c08669fe1aeb4dd15c5e291bb7ad14808a7690141df3b1faa273de30b58548a085109ffb9b7017f0f225ade7783250b447b26c6a143c724c917cf32202f4ae50

    • SSDEEP

      3072:ptZBDetdPfnhv7o4CbWnHcU3zbjgUznaBVrEOKQz6Mq3TlMg2agNFGvynNE1HJSg:ptZBDebfnhjJfDgUzSEetg2agKveUQF

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks