Overview

overview

10

Static

static

3

JaffaCakes...24.exe

windows7-x64

10

JaffaCakes...24.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_26a26648b072b369ba886bcc5f172124

  • Size

    195KB

  • Sample

    250125-amsbmawldv

  • MD5

    26a26648b072b369ba886bcc5f172124

  • SHA1

    c80dc1729ebde0ef2de4bfad3a657ab8d64213ca

  • SHA256

    0efdeac4aa358ae94edb273aa8f1b1c0dc1a35e7998863cd7a619db7dc2b4075

  • SHA512

    d1d5723982cc00711709b4c4ecf964f49aa2fd93ec41b7a03b66aa8959021cc33dee81002fb330f8f0ca1283ecdd465753893f00be359cf1e5c0b3a2c5645181

  • SSDEEP

    3072:vX7W2w361byPzWmcfHEc6+KokA4O6foLSGAiOHc9kxPsCI381cY4i5:a2a61HfkL8J6Y/qxPzI381KG

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_26a26648b072b369ba886bcc5f172124

    • Size

      195KB

    • MD5

      26a26648b072b369ba886bcc5f172124

    • SHA1

      c80dc1729ebde0ef2de4bfad3a657ab8d64213ca

    • SHA256

      0efdeac4aa358ae94edb273aa8f1b1c0dc1a35e7998863cd7a619db7dc2b4075

    • SHA512

      d1d5723982cc00711709b4c4ecf964f49aa2fd93ec41b7a03b66aa8959021cc33dee81002fb330f8f0ca1283ecdd465753893f00be359cf1e5c0b3a2c5645181

    • SSDEEP

      3072:vX7W2w361byPzWmcfHEc6+KokA4O6foLSGAiOHc9kxPsCI381cY4i5:a2a61HfkL8J6Y/qxPzI381KG

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks