Overview

overview

10

Static

static

3

JaffaCakes...3c.exe

windows7-x64

10

JaffaCakes...3c.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_38d0284f390540324bad53f4fd6a723c

  • Size

    192KB

  • Sample

    250126-yx26kstkbr

  • MD5

    38d0284f390540324bad53f4fd6a723c

  • SHA1

    205654b5fe6e8ea6379fb0c02ac801515e9124ed

  • SHA256

    0fe6a7d56da95f7fc6941f1a0ca462c2be1524bb2a999e5909bed73deeed7459

  • SHA512

    732095c4ad9e541931f83113b26d28bf8e9059a5a4ba03c8be866b9df6abd469504995b49e08cd1183a785b77a76fc23daa6ee687e79c3a84000b0fc04bf6e46

  • SSDEEP

    3072:SWtfAwfqNrriq/WkhtqLkiWWxw7R/zr/FJt/XqDXdl+sPT9troqn:XXqJriG7htgT0BJJtCdQsb9tr/

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_38d0284f390540324bad53f4fd6a723c

    • Size

      192KB

    • MD5

      38d0284f390540324bad53f4fd6a723c

    • SHA1

      205654b5fe6e8ea6379fb0c02ac801515e9124ed

    • SHA256

      0fe6a7d56da95f7fc6941f1a0ca462c2be1524bb2a999e5909bed73deeed7459

    • SHA512

      732095c4ad9e541931f83113b26d28bf8e9059a5a4ba03c8be866b9df6abd469504995b49e08cd1183a785b77a76fc23daa6ee687e79c3a84000b0fc04bf6e46

    • SSDEEP

      3072:SWtfAwfqNrriq/WkhtqLkiWWxw7R/zr/FJt/XqDXdl+sPT9troqn:XXqJriG7htgT0BJJtCdQsb9tr/

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks