General
-
Target
9ae1f8ce4207ac024bf0325be1d749e7_JaffaCakes118
-
Size
178KB
-
Sample
241125-mdeqdsyjbq
-
MD5
9ae1f8ce4207ac024bf0325be1d749e7
-
SHA1
c470952d766002beccc8b025ae2912eb5ee4ccc5
-
SHA256
db3a987845430895b2a10c4f6419b77871c820126c3fd70cc1ff0983659e06f3
-
SHA512
c8c5578370ebdd36332e1515d3af6bc47c992cc2754ddd96af55c0a72e6f4c3e5c3e6f8b29e663c865d10cb97cb74b9185e87027abcdcc176fbfad49fe31e383
-
SSDEEP
3072:kW3/A6vxQOHC7uu9uSO9xqmZq9gIRCy4LInvIzyuTPAt4YOGhBPgb8/NspVq0gFG:kWPZvx5i7NgSO9xqmZq9gIRp4LAKRTP/
Malware Config
Targets
-
-
Target
9ae1f8ce4207ac024bf0325be1d749e7_JaffaCakes118
-
Size
178KB
-
MD5
9ae1f8ce4207ac024bf0325be1d749e7
-
SHA1
c470952d766002beccc8b025ae2912eb5ee4ccc5
-
SHA256
db3a987845430895b2a10c4f6419b77871c820126c3fd70cc1ff0983659e06f3
-
SHA512
c8c5578370ebdd36332e1515d3af6bc47c992cc2754ddd96af55c0a72e6f4c3e5c3e6f8b29e663c865d10cb97cb74b9185e87027abcdcc176fbfad49fe31e383
-
SSDEEP
3072:kW3/A6vxQOHC7uu9uSO9xqmZq9gIRCy4LInvIzyuTPAt4YOGhBPgb8/NspVq0gFG:kWPZvx5i7NgSO9xqmZq9gIRp4LAKRTP/
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-