General
-
Target
9893a98500b761c7d3fc877f4168f90b_JaffaCakes118
-
Size
171KB
-
Sample
241125-clafjayjgn
-
MD5
9893a98500b761c7d3fc877f4168f90b
-
SHA1
0612920a80b850bb7349ac66259418ea30bd3bc0
-
SHA256
4eef89724817d37b1e457f1315a4afb448188d5bdcea5e90da53c3e5a0ac21db
-
SHA512
043306c90f3fa1d743d0547d4ffcf1e03ba3ef3ab1067a8d3ca72fa4166d3d118167b9d6a29d73b8bc51a22ce450e38f06b5a6a131d8beedc7d96c6857bbf23a
-
SSDEEP
3072:LGMg4UtbaIFYSjmFAxIxfrI9udSKUaLGYL0CW4CAjLAroKLuBGxHXCpu6I:Dg4UJaBFXfrIQSZaL9L0n4CAj0UKLu00
Malware Config
Targets
-
-
Target
9893a98500b761c7d3fc877f4168f90b_JaffaCakes118
-
Size
171KB
-
MD5
9893a98500b761c7d3fc877f4168f90b
-
SHA1
0612920a80b850bb7349ac66259418ea30bd3bc0
-
SHA256
4eef89724817d37b1e457f1315a4afb448188d5bdcea5e90da53c3e5a0ac21db
-
SHA512
043306c90f3fa1d743d0547d4ffcf1e03ba3ef3ab1067a8d3ca72fa4166d3d118167b9d6a29d73b8bc51a22ce450e38f06b5a6a131d8beedc7d96c6857bbf23a
-
SSDEEP
3072:LGMg4UtbaIFYSjmFAxIxfrI9udSKUaLGYL0CW4CAjLAroKLuBGxHXCpu6I:Dg4UJaBFXfrIQSZaL9L0n4CAj0UKLu00
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-