Overview

overview

10

Static

static

3

JaffaCakes...6b.exe

windows7-x64

10

JaffaCakes...6b.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_3f988b87a302eaeaf144e47c873a996b

  • Size

    182KB

  • Sample

    250127-pp53tsylat

  • MD5

    3f988b87a302eaeaf144e47c873a996b

  • SHA1

    f6fd1d58d5c418e248389a9eeab068f801564053

  • SHA256

    1b7b3d299cf781d70114c181b33de22d47bf20e53106c28969e83cc8d4e9b3b4

  • SHA512

    385176c703cac543225a292128f329e33c0fcff38a5e1fef412e081d6c8abb0c4b9495b0457b4e2d0cf581c970f69509b4bc053d20c091ef85fdde97593e2c28

  • SSDEEP

    3072:CupClVC5JKgLsLicBGBGwlnwASgDnkYb6HKbNsrXpc:C9l88gYBa5BTm/e

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_3f988b87a302eaeaf144e47c873a996b

    • Size

      182KB

    • MD5

      3f988b87a302eaeaf144e47c873a996b

    • SHA1

      f6fd1d58d5c418e248389a9eeab068f801564053

    • SHA256

      1b7b3d299cf781d70114c181b33de22d47bf20e53106c28969e83cc8d4e9b3b4

    • SHA512

      385176c703cac543225a292128f329e33c0fcff38a5e1fef412e081d6c8abb0c4b9495b0457b4e2d0cf581c970f69509b4bc053d20c091ef85fdde97593e2c28

    • SSDEEP

      3072:CupClVC5JKgLsLicBGBGwlnwASgDnkYb6HKbNsrXpc:C9l88gYBa5BTm/e

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks