cycbot | 4dbab0b24523e5434380ef8b78dfb8e4d72c9470b0e7c25358a5e298c0ca1a23 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...4b.exe

windows7-x64

JaffaCakes...4b.exe

windows10-2004-x64

3

Sharing

General

Target

JaffaCakes118_eac20e6714afd94bcb0f6b0d10010d4b
Size

202KB
Sample

250120-rhtgkasrhp
MD5

eac20e6714afd94bcb0f6b0d10010d4b
SHA1

8fc1c21d5e69db476798b3efdcfd7a9cea57a320
SHA256

4dbab0b24523e5434380ef8b78dfb8e4d72c9470b0e7c25358a5e298c0ca1a23
SHA512

adff2d8f383e41fe8bfa446e006a4da80ec59688202bfadebe75a899459f81da09443f397fa508c2b5802f24b1e4d99bde072b07eb7dd77b5f786e5f0ec7b42d
SSDEEP

6144:7Ma4cJT0Qg2jn7BevMIqEzhH1+8wy4LN6E9P1k66CmzC:74cJT0QgwnhczhH1ky6wE9POCI

Score

10^/10

cycbot backdoor discovery rat spyware stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_eac20e6714afd94bcb0f6b0d10010d4b.exe

Resource

win7-20241010-en

cycbot backdoor discovery rat spyware stealer upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_eac20e6714afd94bcb0f6b0d10010d4b.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_eac20e6714afd94bcb0f6b0d10010d4b
- Size
  
  202KB
- MD5
  
  eac20e6714afd94bcb0f6b0d10010d4b
- SHA1
  
  8fc1c21d5e69db476798b3efdcfd7a9cea57a320
- SHA256
  
  4dbab0b24523e5434380ef8b78dfb8e4d72c9470b0e7c25358a5e298c0ca1a23
- SHA512
  
  adff2d8f383e41fe8bfa446e006a4da80ec59688202bfadebe75a899459f81da09443f397fa508c2b5802f24b1e4d99bde072b07eb7dd77b5f786e5f0ec7b42d
- SSDEEP
  
  6144:7Ma4cJT0Qg2jn7BevMIqEzhH1+8wy4LN6E9P1k66CmzC:74cJT0QgwnhczhH1ky6wE9POCI
Score

10^/10

cycbot backdoor discovery rat spyware stealer upx
- Cycbot
  Cycbot is a backdoor and trojan written in C++..
  backdoor rat cycbot
- Cycbot family
  cycbot
- Detects Cycbot payload
  Cycbot is a backdoor and trojan written in C++.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

cycbotbackdoordiscoveryratspywarestealerupx

behavioral2

© 2018-2025

Terms | Privacy