General
-
Target
94ca4dbfbbfb009322d782c4bab76879_JaffaCakes118
-
Size
174KB
-
Sample
241124-p4wspszpdx
-
MD5
94ca4dbfbbfb009322d782c4bab76879
-
SHA1
e49a604dbdc9e00c42f73db128b32eb708cd89b2
-
SHA256
f5b243c6087cbebafdc27c0f0c60937c24323dd17b14dd66ad9b90def4cb299a
-
SHA512
86ec57d9cf02b3058cc5d05eb7aabb43a51789c614641df139a45d3941a62e9a10d78c48ca6ea44cd200b8b58d8e1812044b0c330fa3c2d8cb162b993fab2cfc
-
SSDEEP
3072:4TyCGlKp5zhil/eMkb/31Owp5O9pFPPcJX4CtdyNgl2IOyx8DbZ:4TyCNpnu/eTb/FOwp5O9DPcJ/dyNm2IY
Malware Config
Targets
-
-
Target
94ca4dbfbbfb009322d782c4bab76879_JaffaCakes118
-
Size
174KB
-
MD5
94ca4dbfbbfb009322d782c4bab76879
-
SHA1
e49a604dbdc9e00c42f73db128b32eb708cd89b2
-
SHA256
f5b243c6087cbebafdc27c0f0c60937c24323dd17b14dd66ad9b90def4cb299a
-
SHA512
86ec57d9cf02b3058cc5d05eb7aabb43a51789c614641df139a45d3941a62e9a10d78c48ca6ea44cd200b8b58d8e1812044b0c330fa3c2d8cb162b993fab2cfc
-
SSDEEP
3072:4TyCGlKp5zhil/eMkb/31Owp5O9pFPPcJX4CtdyNgl2IOyx8DbZ:4TyCNpnu/eTb/FOwp5O9DPcJ/dyNm2IY
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-