Overview

overview

10

Static

static

3

JaffaCakes...89.exe

windows7-x64

10

JaffaCakes...89.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_937f144b16d10c8efdff08055d637589

  • Size

    170KB

  • Sample

    250329-xpj5csxwds

  • MD5

    937f144b16d10c8efdff08055d637589

  • SHA1

    307eff2f1e42e2e5dcb054730d3d5d55e82357b0

  • SHA256

    9a081595e77993711f68d85e25321eec7c7b1b7cd6c89593f6443ae5450f6952

  • SHA512

    f53b43dc163529f70ea1c185357022ebc83cc1e70afd72714eda004ab6dbebe3437f317990472c76d710af29763832b0349b649ae40b8b894be4d3d18f7b1674

  • SSDEEP

    3072:srsxR5GmMgjNvn0COV/89SPk81uRRzA23uRn43szMaoAn:sAxR4/qNv0FtmzRzAYXsLVn

Score
10/10
cycbotbackdoordiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      JaffaCakes118_937f144b16d10c8efdff08055d637589

    • Size

      170KB

    • MD5

      937f144b16d10c8efdff08055d637589

    • SHA1

      307eff2f1e42e2e5dcb054730d3d5d55e82357b0

    • SHA256

      9a081595e77993711f68d85e25321eec7c7b1b7cd6c89593f6443ae5450f6952

    • SHA512

      f53b43dc163529f70ea1c185357022ebc83cc1e70afd72714eda004ab6dbebe3437f317990472c76d710af29763832b0349b649ae40b8b894be4d3d18f7b1674

    • SSDEEP

      3072:srsxR5GmMgjNvn0COV/89SPk81uRRzA23uRn43szMaoAn:sAxR4/qNv0FtmzRzAYXsLVn

    Score
    10/10
    cycbotbackdoordiscoveryratspywarestealerupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks