Overview

overview

10

Static

static

3

JaffaCakes...bf.exe

windows7-x64

10

JaffaCakes...bf.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_56fcdf26733a537f9bd509db8d58e3bf

  • Size

    164KB

  • Sample

    250129-pyel8sykcw

  • MD5

    56fcdf26733a537f9bd509db8d58e3bf

  • SHA1

    3d67a361a787f70aacbd2c9f17772328aac60c75

  • SHA256

    815f8274db23797774fd56ac8dd03f38c036aa70d7e9235df5fe78891b61e54e

  • SHA512

    66817638aba4e0d0a0d7aa4d7174f63e98a33607646df3aaaf9f50c4ebeb5eb43740b6715e09d44a8bf39ea711dd323580a5e2b49c60462e9aed502b2d003e47

  • SSDEEP

    3072:BYh9WB1m5e4LEgbd4Ny+pZCo4/nVxd0O8ZTCRNaa7TkjX58zFsJcDcL:GQD4LEcd4Ny8u/Vxd0b2RA6kjJ8zFbQ

Score
10/10
cycbotbackdoordiscoverypersistenceratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_56fcdf26733a537f9bd509db8d58e3bf

    • Size

      164KB

    • MD5

      56fcdf26733a537f9bd509db8d58e3bf

    • SHA1

      3d67a361a787f70aacbd2c9f17772328aac60c75

    • SHA256

      815f8274db23797774fd56ac8dd03f38c036aa70d7e9235df5fe78891b61e54e

    • SHA512

      66817638aba4e0d0a0d7aa4d7174f63e98a33607646df3aaaf9f50c4ebeb5eb43740b6715e09d44a8bf39ea711dd323580a5e2b49c60462e9aed502b2d003e47

    • SSDEEP

      3072:BYh9WB1m5e4LEgbd4Ny+pZCo4/nVxd0O8ZTCRNaa7TkjX58zFsJcDcL:GQD4LEcd4Ny8u/Vxd0b2RA6kjJ8zFbQ

    Score
    10/10
    cycbotbackdoordiscoverypersistenceratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks