Overview

overview

10

Static

static

3

JaffaCakes...1d.exe

windows7-x64

10

JaffaCakes...1d.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_7461cb402511b83c66b8c729a6a1ba1d

  • Size

    175KB

  • Sample

    250201-web6bsvpgj

  • MD5

    7461cb402511b83c66b8c729a6a1ba1d

  • SHA1

    a866cad40fff8d69b0e9a8695f2a3a2c67c36cbc

  • SHA256

    cf23ed684b64764c7d9ba42426915feb545784fad0c805c552da8b036c06a9c9

  • SHA512

    a40ca99fbd684125237b7a213bbe2fcfbd1f18639647b73ac9bb1481aa161e749c73783ca808ed1173d1f5eb56dc328b0e60f67ce8069b0e8c6775c7ec829063

  • SSDEEP

    3072:bPT3AEuuvm+z8D1Hi1ok9Cm6AOBgILORZwVT5o1EZl70JV4m0/nV5:3Auvvz4Hi22ylBfK83fZl7Rt5

Score
10/10
cycbotbackdoordiscoverypersistenceratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_7461cb402511b83c66b8c729a6a1ba1d

    • Size

      175KB

    • MD5

      7461cb402511b83c66b8c729a6a1ba1d

    • SHA1

      a866cad40fff8d69b0e9a8695f2a3a2c67c36cbc

    • SHA256

      cf23ed684b64764c7d9ba42426915feb545784fad0c805c552da8b036c06a9c9

    • SHA512

      a40ca99fbd684125237b7a213bbe2fcfbd1f18639647b73ac9bb1481aa161e749c73783ca808ed1173d1f5eb56dc328b0e60f67ce8069b0e8c6775c7ec829063

    • SSDEEP

      3072:bPT3AEuuvm+z8D1Hi1ok9Cm6AOBgILORZwVT5o1EZl70JV4m0/nV5:3Auvvz4Hi22ylBfK83fZl7Rt5

    Score
    10/10
    cycbotbackdoordiscoverypersistenceratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks