Overview

overview

10

Static

static

3

JaffaCakes...5a.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_a5e9059a2a6479c8827abdabd0a0e65a

  • Size

    179KB

  • Sample

    250409-vfg8asxtey

  • MD5

    a5e9059a2a6479c8827abdabd0a0e65a

  • SHA1

    85dbc6e7a85f1780084ebf3cdc2824c4aff4a762

  • SHA256

    9155f7f56a7b45d91a40d3752a6754398f44a4041e5e995cc5e755c8d50ca1ba

  • SHA512

    35f3cab244d644c147beff7e8ba0844fe39a099b9279165866875310f9268605344a977a6be97e8ea359df7611fa0c5636ad51ab5b7fb154c60627fa5002e388

  • SSDEEP

    3072:G96bQz7/1rTU6EH5G7Jwalp3E9F2bVQiUGo7riZiOB0jnxoYTHeunJdVj:LbK7pY15G7JwCpIMVnUpniZiOKxQufN

Score
10/10
cycbotbackdoordiscoverypersistenceratupx

Malware Config

Targets

    • Target

      JaffaCakes118_a5e9059a2a6479c8827abdabd0a0e65a

    • Size

      179KB

    • MD5

      a5e9059a2a6479c8827abdabd0a0e65a

    • SHA1

      85dbc6e7a85f1780084ebf3cdc2824c4aff4a762

    • SHA256

      9155f7f56a7b45d91a40d3752a6754398f44a4041e5e995cc5e755c8d50ca1ba

    • SHA512

      35f3cab244d644c147beff7e8ba0844fe39a099b9279165866875310f9268605344a977a6be97e8ea359df7611fa0c5636ad51ab5b7fb154c60627fa5002e388

    • SSDEEP

      3072:G96bQz7/1rTU6EH5G7Jwalp3E9F2bVQiUGo7riZiOB0jnxoYTHeunJdVj:LbK7pY15G7JwCpIMVnUpniZiOKxQufN

    Score
    10/10
    cycbotbackdoordiscoverypersistenceratupx

    • Cycbot

      Cycbot is a backdoor and trojan written in C++..

      backdoorratcycbot

    • Cycbot family

      cycbot

    • Detects Cycbot payload

      Cycbot is a backdoor and trojan written in C++.

    • Modifies WinLogon for persistence

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1

MITRE ATT&CK Enterprise v16

Tasks