Overview

overview

10

Static

static

3

JaffaCakes...83.exe

windows7-x64

10

JaffaCakes...83.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_2888cdb9bf6cfa9314635f6a83bfa083

  • Size

    177KB

  • Sample

    250125-f2exqsyrcl

  • MD5

    2888cdb9bf6cfa9314635f6a83bfa083

  • SHA1

    b848d56f0aaafce6d046295cf42e301c065be85c

  • SHA256

    b2cd8f95a5f083f655638ac7ae1cb8b7ac7b224fee58d9a12bdd222c430552af

  • SHA512

    1053f1846f2ffb5ddb9a87b6e48a37a69153c283bd5a147c13d0bb161f78f9176cfb52af060680dce943320381bea00fbc13e3d6e2e70c417fb9d53b0daef15b

  • SSDEEP

    3072:Gl2VZnoqpHoxNAQUbxMYpVBc4pjpbg1NWEuqX4xgSmS8NRVu7nHoDMW77H:GlMnLdEA/WYvBcujpb2zuqIxgSyVu7ne

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_2888cdb9bf6cfa9314635f6a83bfa083

    • Size

      177KB

    • MD5

      2888cdb9bf6cfa9314635f6a83bfa083

    • SHA1

      b848d56f0aaafce6d046295cf42e301c065be85c

    • SHA256

      b2cd8f95a5f083f655638ac7ae1cb8b7ac7b224fee58d9a12bdd222c430552af

    • SHA512

      1053f1846f2ffb5ddb9a87b6e48a37a69153c283bd5a147c13d0bb161f78f9176cfb52af060680dce943320381bea00fbc13e3d6e2e70c417fb9d53b0daef15b

    • SSDEEP

      3072:Gl2VZnoqpHoxNAQUbxMYpVBc4pjpbg1NWEuqX4xgSmS8NRVu7nHoDMW77H:GlMnLdEA/WYvBcujpb2zuqIxgSyVu7ne

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks