General
-
Target
9d73a8dc5917187ff094b1a6028960b6_JaffaCakes118
-
Size
187KB
-
Sample
241125-x4m5kaymfr
-
MD5
9d73a8dc5917187ff094b1a6028960b6
-
SHA1
4690c94ab09e6b12cac5dc8d9c34bae4b7e8a8bc
-
SHA256
ea81e90a3a839b4b13e69a24cc41d2016961d5ad8a3285dd7bf7b119750685c1
-
SHA512
c4955e7a0837a0674dc489eb910f9a1d8985cc6ea85c9d941c07fa3bc34eec0644cbdba4c4d3ea4e3378944f178c49388045e588418751b7d70453199b2ccc43
-
SSDEEP
3072:QigEsY5K4R+IXrGkXPLxXjRbSWLTqTFmtG0ezmbD3yik41xIb5hel4JoV++4FVIj:cnMK4R+IXr/XPFXjfTcFZPzmbD3yik4p
Malware Config
Targets
-
-
Target
9d73a8dc5917187ff094b1a6028960b6_JaffaCakes118
-
Size
187KB
-
MD5
9d73a8dc5917187ff094b1a6028960b6
-
SHA1
4690c94ab09e6b12cac5dc8d9c34bae4b7e8a8bc
-
SHA256
ea81e90a3a839b4b13e69a24cc41d2016961d5ad8a3285dd7bf7b119750685c1
-
SHA512
c4955e7a0837a0674dc489eb910f9a1d8985cc6ea85c9d941c07fa3bc34eec0644cbdba4c4d3ea4e3378944f178c49388045e588418751b7d70453199b2ccc43
-
SSDEEP
3072:QigEsY5K4R+IXrGkXPLxXjRbSWLTqTFmtG0ezmbD3yik41xIb5hel4JoV++4FVIj:cnMK4R+IXr/XPFXjfTcFZPzmbD3yik4p
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-