General
-
Target
a14911add72f95c53d4814ac443f3b38_JaffaCakes118
-
Size
200KB
-
Sample
241126-l1lxjswmds
-
MD5
a14911add72f95c53d4814ac443f3b38
-
SHA1
501eecafa76aa9a7c7fc4ea604e4ad430ee2ee47
-
SHA256
b8a7c9201986ee0c05e2aad5990fd9e67ad13ad5fff5f98c2da56a58f7a3da9c
-
SHA512
36fa22674721f7aea1eb36c60d6c6a7bef6834a995ea633d2c37d5b8ee66fc4e00eec577598de69a750836b3b8e0d143ce605f1e3b6a95cda75d001abd45d1b4
-
SSDEEP
3072:OZwK9XqMLkioXUCFGBeXFenWZF7h0oIluj397rkmsOnzLQIOT106eK2:OZ3qA/oCegiFuoIlujZkmsiHQIIuPt
Malware Config
Targets
-
-
Target
a14911add72f95c53d4814ac443f3b38_JaffaCakes118
-
Size
200KB
-
MD5
a14911add72f95c53d4814ac443f3b38
-
SHA1
501eecafa76aa9a7c7fc4ea604e4ad430ee2ee47
-
SHA256
b8a7c9201986ee0c05e2aad5990fd9e67ad13ad5fff5f98c2da56a58f7a3da9c
-
SHA512
36fa22674721f7aea1eb36c60d6c6a7bef6834a995ea633d2c37d5b8ee66fc4e00eec577598de69a750836b3b8e0d143ce605f1e3b6a95cda75d001abd45d1b4
-
SSDEEP
3072:OZwK9XqMLkioXUCFGBeXFenWZF7h0oIluj397rkmsOnzLQIOT106eK2:OZ3qA/oCegiFuoIlujZkmsiHQIIuPt
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-