Overview

overview

10

Static

static

3

JaffaCakes...c5.exe

windows7-x64

10

JaffaCakes...c5.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_d64863fe4260aa91a3e630903c93cdc5

  • Size

    189KB

  • Sample

    250120-abjkca1raw

  • MD5

    d64863fe4260aa91a3e630903c93cdc5

  • SHA1

    9f8ca13a7fcb4bb48da563476d456369b5c3ccf4

  • SHA256

    252dccd8bcd744cd9ea1a9504d03de4ad376885cbefba18b86419902e8936137

  • SHA512

    7719461bbd00e9827edd520f1de62be64db55c404ece1713e3ceb31eee2ea87b4c9628f0669de51c65c04482a9b47e872354e74db6e62fe9136a332b1cfae1be

  • SSDEEP

    3072:UfZ4pR/eor20Yo6fwcruGgIlx7uSIp1f9JsFr621+SvZmbn/FnZRL6XmLHBRqp4P:AZ4yAP12rg+wxVJAOoW/FnPsmLhw+bU4

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_d64863fe4260aa91a3e630903c93cdc5

    • Size

      189KB

    • MD5

      d64863fe4260aa91a3e630903c93cdc5

    • SHA1

      9f8ca13a7fcb4bb48da563476d456369b5c3ccf4

    • SHA256

      252dccd8bcd744cd9ea1a9504d03de4ad376885cbefba18b86419902e8936137

    • SHA512

      7719461bbd00e9827edd520f1de62be64db55c404ece1713e3ceb31eee2ea87b4c9628f0669de51c65c04482a9b47e872354e74db6e62fe9136a332b1cfae1be

    • SSDEEP

      3072:UfZ4pR/eor20Yo6fwcruGgIlx7uSIp1f9JsFr621+SvZmbn/FnZRL6XmLHBRqp4P:AZ4yAP12rg+wxVJAOoW/FnPsmLhw+bU4

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks