cycbot | 61417b19c8c86f38cf0eaf1ef7a43c4081aacf748cad8915b0d062171a491551 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...81.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_9c150193c7161a51cce3813454cdc281
Size

171KB
Sample

250406-v5tydsvscx
MD5

9c150193c7161a51cce3813454cdc281
SHA1

a20a13d1bf0bea85adabf8f7b9d90d4e253b2e15
SHA256

61417b19c8c86f38cf0eaf1ef7a43c4081aacf748cad8915b0d062171a491551
SHA512

d09fe8c7b0458caac97e19033cfb0236de9a2d424afe56f89e27960e5db3fdb102c0c6549624906786c1fced3a12a27d3eb4f8b0fdfeff503ef9317f7bbb9b3f
SSDEEP

3072:tIGV6wDVA7YRAljukwa/+pI0S2otjv4NlVKWLl1x/9dFaO2YXXDgh9WRoU+p:tn5S7cAtukkHStvUlVKW3bD2QXDi9w7y

Score

10^/10

cycbot backdoor discovery persistence rat upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_9c150193c7161a51cce3813454cdc281.exe

Resource

win10v2004-20250314-en

cycbot backdoor discovery persistence rat upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_9c150193c7161a51cce3813454cdc281
- Size
  
  171KB
- MD5
  
  9c150193c7161a51cce3813454cdc281
- SHA1
  
  a20a13d1bf0bea85adabf8f7b9d90d4e253b2e15
- SHA256
  
  61417b19c8c86f38cf0eaf1ef7a43c4081aacf748cad8915b0d062171a491551
- SHA512
  
  d09fe8c7b0458caac97e19033cfb0236de9a2d424afe56f89e27960e5db3fdb102c0c6549624906786c1fced3a12a27d3eb4f8b0fdfeff503ef9317f7bbb9b3f
- SSDEEP
  
  3072:tIGV6wDVA7YRAljukwa/+pI0S2otjv4NlVKWLl1x/9dFaO2YXXDgh9WRoU+p:tn5S7cAtukkHStvUlVKW3bD2QXDi9w7y
Score

10^/10

cycbot backdoor discovery persistence rat upx
- Cycbot
  Cycbot is a backdoor and trojan written in C++..
  backdoor rat cycbot
- Cycbot family
  cycbot
- Detects Cycbot payload
  Cycbot is a backdoor and trojan written in C++.
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

cycbotbackdoordiscoverypersistenceratupx

© 2018-2025

Terms | Privacy