Overview

overview

10

Static

static

3

JaffaCakes...f4.exe

windows7-x64

10

JaffaCakes...f4.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_e769e9dbad6f8e800aba8d67c2800cf4

  • Size

    166KB

  • Sample

    250120-ps4n6szjbp

  • MD5

    e769e9dbad6f8e800aba8d67c2800cf4

  • SHA1

    f55b5b245d0a98727b3f02ca60c7f85f56a676d4

  • SHA256

    7d2cad3248000f306e71bbcefb557e4254335bc4ae0902003484db3507efac56

  • SHA512

    9fdee4436cbc860d4e87b58daf2f85a585cd5a345bdc7ada387c04fd73de79db441bc95a8edc044f9f865d76f6d0b671f3870f8471ab4fd8a32f4ace8b62a83c

  • SSDEEP

    3072:AwJH5h9cjqo7o99Pq7/sIe70BB0e4X2IiJOfV9efmL27LaQEAd+px:L1T9cjFvI7q2TniNa27LlEz

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_e769e9dbad6f8e800aba8d67c2800cf4

    • Size

      166KB

    • MD5

      e769e9dbad6f8e800aba8d67c2800cf4

    • SHA1

      f55b5b245d0a98727b3f02ca60c7f85f56a676d4

    • SHA256

      7d2cad3248000f306e71bbcefb557e4254335bc4ae0902003484db3507efac56

    • SHA512

      9fdee4436cbc860d4e87b58daf2f85a585cd5a345bdc7ada387c04fd73de79db441bc95a8edc044f9f865d76f6d0b671f3870f8471ab4fd8a32f4ace8b62a83c

    • SSDEEP

      3072:AwJH5h9cjqo7o99Pq7/sIe70BB0e4X2IiJOfV9efmL27LaQEAd+px:L1T9cjFvI7q2TniNa27LlEz

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks