cycbot | 688029de162c63ab0f1ea5cf5a0ecbb3bb53f5ea84949113568075a069c56c12 | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...6b.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_9d275eac79a094b348c4f00af94cc66b
Size

180KB
Sample

250407-aq9ebasvhx
MD5

9d275eac79a094b348c4f00af94cc66b
SHA1

a422ee1c31ecaed0c5ca4c6cf08d7d8e42858f40
SHA256

688029de162c63ab0f1ea5cf5a0ecbb3bb53f5ea84949113568075a069c56c12
SHA512

1ca5cbd50394e1f0d5c07d69f285f9e346ed8c9f6ed24b6c6dcf5a00083684e39d3bc65b1cd9e745e7e6c9cadea58d6f6579bc9b2ae9ab150799f2378611ae7a
SSDEEP

3072:Bq9uNvM3aBiI7Jq1jMpEiypVNA5rqaOoqHW5dDA3hj6wdfMOT3MMJSFVWwmW7agG:8INvM3aMss18EiyPNonqHKA3b5T3cFVt

Score

10^/10

cycbot backdoor discovery persistence rat upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_9d275eac79a094b348c4f00af94cc66b.exe

Resource

win10v2004-20250314-en

cycbot backdoor discovery persistence rat upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_9d275eac79a094b348c4f00af94cc66b
- Size
  
  180KB
- MD5
  
  9d275eac79a094b348c4f00af94cc66b
- SHA1
  
  a422ee1c31ecaed0c5ca4c6cf08d7d8e42858f40
- SHA256
  
  688029de162c63ab0f1ea5cf5a0ecbb3bb53f5ea84949113568075a069c56c12
- SHA512
  
  1ca5cbd50394e1f0d5c07d69f285f9e346ed8c9f6ed24b6c6dcf5a00083684e39d3bc65b1cd9e745e7e6c9cadea58d6f6579bc9b2ae9ab150799f2378611ae7a
- SSDEEP
  
  3072:Bq9uNvM3aBiI7Jq1jMpEiypVNA5rqaOoqHW5dDA3hj6wdfMOT3MMJSFVWwmW7agG:8INvM3aMss18EiyPNonqHKA3b5T3cFVt
Score

10^/10

cycbot backdoor discovery persistence rat upx
- Cycbot
  Cycbot is a backdoor and trojan written in C++..
  backdoor rat cycbot
- Cycbot family
  cycbot
- Detects Cycbot payload
  Cycbot is a backdoor and trojan written in C++.
- Executes dropped EXE
- Adds Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

cycbotbackdoordiscoverypersistenceratupx

© 2018-2025

Terms | Privacy