Overview

overview

10

Static

static

3

aed46d0e26...fN.exe

windows7-x64

10

aed46d0e26...fN.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aed46d0e262989a0fefdd65700d7109b829cf4d8cc1a17092bbfb84ad739851fN.exe

  • Size

    208KB

  • Sample

    250124-nj8fbsxmfn

  • MD5

    cf7a5130034b2de74ab09fcfefc74840

  • SHA1

    e08cb54301c8e9123a48e7311c37d3459b7ab465

  • SHA256

    aed46d0e262989a0fefdd65700d7109b829cf4d8cc1a17092bbfb84ad739851f

  • SHA512

    06098d3c1324a7b59a500c05a8b7472badbba9775004d6c3a2ac675523ff27ceaf000c90c70bcac8f00d146555141212a32f2d19a1ad7316a242a542d9728a42

  • SSDEEP

    6144:+6ZwzttVIx4DEsbMH1x5PFfXlKtxfeTY5yBsfK:IGx4Drbm1fPJAtxm3my

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      aed46d0e262989a0fefdd65700d7109b829cf4d8cc1a17092bbfb84ad739851fN.exe

    • Size

      208KB

    • MD5

      cf7a5130034b2de74ab09fcfefc74840

    • SHA1

      e08cb54301c8e9123a48e7311c37d3459b7ab465

    • SHA256

      aed46d0e262989a0fefdd65700d7109b829cf4d8cc1a17092bbfb84ad739851f

    • SHA512

      06098d3c1324a7b59a500c05a8b7472badbba9775004d6c3a2ac675523ff27ceaf000c90c70bcac8f00d146555141212a32f2d19a1ad7316a242a542d9728a42

    • SSDEEP

      6144:+6ZwzttVIx4DEsbMH1x5PFfXlKtxfeTY5yBsfK:IGx4Drbm1fPJAtxm3my

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks