cycbot | 951677e5e060889594c56b7796165c3557face45c6dc2fb1b065b780ee6852bb | Triage

Submit
Reports

Overview

overview

Static

static

3

JaffaCakes...21.exe

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_9f993c22b1d577ae0dd42ffc6d30d821
Size

180KB
Sample

250407-sd8w5awks9
MD5

9f993c22b1d577ae0dd42ffc6d30d821
SHA1

ea81a06adc46bc7d942c07a0d0c8633a5393d186
SHA256

951677e5e060889594c56b7796165c3557face45c6dc2fb1b065b780ee6852bb
SHA512

ba3c6c1391100700c1ac80f716b2608b1847232e568aa18320a49044aa6729cf4a245e875ce2026801255146fe6339b111d6be3a4b1eddb5b4c47dc9965a88ba
SSDEEP

3072:vUi3JJZz3ATLiL45Z8JeEQh8scgSYwjQj2uJh0yr/sX7:8iBjATLiL45Zph8sLp0

Score

10^/10

cycbot backdoor discovery persistence rat upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_9f993c22b1d577ae0dd42ffc6d30d821.exe

Resource

win10v2004-20250314-en

cycbot backdoor discovery persistence rat upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_9f993c22b1d577ae0dd42ffc6d30d821
- Size
  
  180KB
- MD5
  
  9f993c22b1d577ae0dd42ffc6d30d821
- SHA1
  
  ea81a06adc46bc7d942c07a0d0c8633a5393d186
- SHA256
  
  951677e5e060889594c56b7796165c3557face45c6dc2fb1b065b780ee6852bb
- SHA512
  
  ba3c6c1391100700c1ac80f716b2608b1847232e568aa18320a49044aa6729cf4a245e875ce2026801255146fe6339b111d6be3a4b1eddb5b4c47dc9965a88ba
- SSDEEP
  
  3072:vUi3JJZz3ATLiL45Z8JeEQh8scgSYwjQj2uJh0yr/sX7:8iBjATLiL45Zph8sLp0
Score

10^/10

cycbot backdoor discovery persistence rat upx
- Cycbot
  Cycbot is a backdoor and trojan written in C++..
  backdoor rat cycbot
- Cycbot family
  cycbot
- Detects Cycbot payload
  Cycbot is a backdoor and trojan written in C++.
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

cycbotbackdoordiscoverypersistenceratupx

© 2018-2025

Terms | Privacy