Overview

overview

10

Static

static

3

JaffaCakes...5e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_a0d8a6d05e49d40dcde008467422135e

  • Size

    174KB

  • Sample

    250408-wdjh1sxmt7

  • MD5

    a0d8a6d05e49d40dcde008467422135e

  • SHA1

    fc8a6f42d9da69e1dde86568b4efef612b575f3e

  • SHA256

    63937432ce8cbce3d93cf782d5d568b342b491a3a3a5c804ba17c59e66afdba9

  • SHA512

    3a05a5e52ff5aff1730822d2ad6a5b3609f05d1233dbea519316c404fc07e0bb3ee03bffe3bf47fc1dfa9f955461d72a5ddd150bafadcdf703b06baa84dbf2a4

  • SSDEEP

    3072:v1wKJ+803oJr5d/JWunRd1obDUkktXvIZ5P2i1:vm0+803oJtdht2bDUTt0T

Score
10/10
cycbotbackdoordiscoverypersistenceratupx

Malware Config

Targets

    • Target

      JaffaCakes118_a0d8a6d05e49d40dcde008467422135e

    • Size

      174KB

    • MD5

      a0d8a6d05e49d40dcde008467422135e

    • SHA1

      fc8a6f42d9da69e1dde86568b4efef612b575f3e

    • SHA256

      63937432ce8cbce3d93cf782d5d568b342b491a3a3a5c804ba17c59e66afdba9

    • SHA512

      3a05a5e52ff5aff1730822d2ad6a5b3609f05d1233dbea519316c404fc07e0bb3ee03bffe3bf47fc1dfa9f955461d72a5ddd150bafadcdf703b06baa84dbf2a4

    • SSDEEP

      3072:v1wKJ+803oJr5d/JWunRd1obDUkktXvIZ5P2i1:vm0+803oJtdht2bDUTt0T

    Score
    10/10
    cycbotbackdoordiscoverypersistenceratupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1

MITRE ATT&CK Enterprise v16

Tasks