Overview

overview

10

Static

static

3

30f1c6ac72...4b.exe

windows7-x64

10

30f1c6ac72...4b.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    30f1c6ac72b3270361d56ff705827fa7f21320518b672f093193b2fec5a75c4b.exe

  • Size

    164KB

  • Sample

    250124-qktdxaznft

  • MD5

    f27fa19266252fd7360613f3b360485c

  • SHA1

    af1719e7603f965521808417cbddae41dd397694

  • SHA256

    30f1c6ac72b3270361d56ff705827fa7f21320518b672f093193b2fec5a75c4b

  • SHA512

    047844f48af7daf42a21fe78df5ab772553792791d1a0d978f4acf628748d49848c3689168f2b5b9e11718b0e2674cf916094c9ee353515e89df87b05ac32122

  • SSDEEP

    3072:l15en6TOPzqM5Wq2j8lf/1n27/4QHEKxZYtspMkndHWcqMpV4sEr:Ls66P2GWq/BtS4QDHYtUnw8EsEr

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      30f1c6ac72b3270361d56ff705827fa7f21320518b672f093193b2fec5a75c4b.exe

    • Size

      164KB

    • MD5

      f27fa19266252fd7360613f3b360485c

    • SHA1

      af1719e7603f965521808417cbddae41dd397694

    • SHA256

      30f1c6ac72b3270361d56ff705827fa7f21320518b672f093193b2fec5a75c4b

    • SHA512

      047844f48af7daf42a21fe78df5ab772553792791d1a0d978f4acf628748d49848c3689168f2b5b9e11718b0e2674cf916094c9ee353515e89df87b05ac32122

    • SSDEEP

      3072:l15en6TOPzqM5Wq2j8lf/1n27/4QHEKxZYtspMkndHWcqMpV4sEr:Ls66P2GWq/BtS4QDHYtUnw8EsEr

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks