Overview

overview

10

Static

static

3

JaffaCakes...f3.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_9b35b8947738fe040b2d4ae33d8023f3

  • Size

    173KB

  • Sample

    250406-n9pqxazqs8

  • MD5

    9b35b8947738fe040b2d4ae33d8023f3

  • SHA1

    eb464f2c442ce2eae47527d197d4ce7e38cc2a78

  • SHA256

    86b19254910eb5311f174ced2371f215230ef5b85f2b4947d7b9144c5677ba61

  • SHA512

    3fbcaa82f365a7d666f28be1ff0d7c964fc24755fc1e6eded8d49cac0f2b25b0e2a123b6df577b8a3c41de83b9ad903405b05a2a213290fa63f223845d43ab7f

  • SSDEEP

    3072:Z+Mwo0WwWMc7N378pMDnWIeKteaXrbvbXckns/xscwL7fQugx+xbMql+z/edrJLk:Z+RgwW77N3Qp8nQgZ/vbgxscwL7+x+N0

Score
10/10
cycbotbackdoordiscoverypersistenceratupx

Malware Config

Targets

    • Target

      JaffaCakes118_9b35b8947738fe040b2d4ae33d8023f3

    • Size

      173KB

    • MD5

      9b35b8947738fe040b2d4ae33d8023f3

    • SHA1

      eb464f2c442ce2eae47527d197d4ce7e38cc2a78

    • SHA256

      86b19254910eb5311f174ced2371f215230ef5b85f2b4947d7b9144c5677ba61

    • SHA512

      3fbcaa82f365a7d666f28be1ff0d7c964fc24755fc1e6eded8d49cac0f2b25b0e2a123b6df577b8a3c41de83b9ad903405b05a2a213290fa63f223845d43ab7f

    • SSDEEP

      3072:Z+Mwo0WwWMc7N378pMDnWIeKteaXrbvbXckns/xscwL7fQugx+xbMql+z/edrJLk:Z+RgwW77N3Qp8nQgZ/vbgxscwL7+x+N0

    Score
    10/10
    cycbotbackdoordiscoverypersistenceratupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks