General
-
Target
9eb7f156b81125a1e80699788b6f9b08_JaffaCakes118
-
Size
181KB
-
Sample
241126-agz5aatmes
-
MD5
9eb7f156b81125a1e80699788b6f9b08
-
SHA1
764eb2dafeebda963cd49b88fde647af63d8fb8d
-
SHA256
b3da41f19bc66314744d06b6ccdc66f7588ed496fb58503c3434b2063ec9dbf2
-
SHA512
33880406e71f14be179642bce5c16037f324ac992badffe250beb7f48c0001c611533f2a34ce27eecc0cb513dd8c7b21fc40175c4fd3a972ef1256034a130e60
-
SSDEEP
3072:ypTafsJaImvR5yAiFy7z/axIRi5kaj+v+kmKVTbI8h68lfLxXMGsjsMP5HZ4GHU8:gTafSsb/BRi5jRkmKVPZh68ljxXMNsvi
Malware Config
Targets
-
-
Target
9eb7f156b81125a1e80699788b6f9b08_JaffaCakes118
-
Size
181KB
-
MD5
9eb7f156b81125a1e80699788b6f9b08
-
SHA1
764eb2dafeebda963cd49b88fde647af63d8fb8d
-
SHA256
b3da41f19bc66314744d06b6ccdc66f7588ed496fb58503c3434b2063ec9dbf2
-
SHA512
33880406e71f14be179642bce5c16037f324ac992badffe250beb7f48c0001c611533f2a34ce27eecc0cb513dd8c7b21fc40175c4fd3a972ef1256034a130e60
-
SSDEEP
3072:ypTafsJaImvR5yAiFy7z/axIRi5kaj+v+kmKVTbI8h68lfLxXMGsjsMP5HZ4GHU8:gTafSsb/BRi5jRkmKVPZh68ljxXMNsvi
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-