General
-
Target
a45486a8dbdbdee4cb1b994e9abfef4a_JaffaCakes118
-
Size
173KB
-
Sample
241126-1v5j2aykbj
-
MD5
a45486a8dbdbdee4cb1b994e9abfef4a
-
SHA1
bb89fcd3b6bf71a45e4930c0cba30c15f1b79e34
-
SHA256
b3a99bf4fb5a46eb9dab7032a981ce3c4fe73974a6f8b75209529189969c59c1
-
SHA512
d33ccf9f632674530af66d24f0a3d70536e301e8d66ed05e18e03b997f5597a7f474a2078ddc96e836493661b5193f39b9e6cf49b59072578ef3828b4a831dad
-
SSDEEP
3072:eC/l2zwUJLCXPqG3oXSaWIc39JniNhazV5YVwmTP78F2iAcVpA5MQCT2dDbtYK4:l2z+qG3oX5Fd6sTK2ihVp8Ym3tT
Malware Config
Targets
-
-
Target
a45486a8dbdbdee4cb1b994e9abfef4a_JaffaCakes118
-
Size
173KB
-
MD5
a45486a8dbdbdee4cb1b994e9abfef4a
-
SHA1
bb89fcd3b6bf71a45e4930c0cba30c15f1b79e34
-
SHA256
b3a99bf4fb5a46eb9dab7032a981ce3c4fe73974a6f8b75209529189969c59c1
-
SHA512
d33ccf9f632674530af66d24f0a3d70536e301e8d66ed05e18e03b997f5597a7f474a2078ddc96e836493661b5193f39b9e6cf49b59072578ef3828b4a831dad
-
SSDEEP
3072:eC/l2zwUJLCXPqG3oXSaWIc39JniNhazV5YVwmTP78F2iAcVpA5MQCT2dDbtYK4:l2z+qG3oX5Fd6sTK2ihVp8Ym3tT
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-