General
- Target: a22cb5adac759fff16b4d45fd78a8dcf_JaffaCakes118
- Size: 176KB
- Sample: 241126-qmkjsayrar
- MD5: a22cb5adac759fff16b4d45fd78a8dcf
- SHA1: 08be30429659661bdc8967218071956ef54131f8
- SHA256: 9baebc11c5c3ff4bea6c06428e02127aac6d25b113a8392d51c379b2b8ce280e
- SHA512: 4df2913a5c7f4ea0f15111139070935e8c4a9f6646b6facfe38e60efe3cd9330d4b201dd33b73288a4356edb03fb4d8d5d9ae22f474bb169ca6dffc750bf4756
- SSDEEP: 3072:5vboWPZhFnG8hDZcbi4zN8CF6BaFXVV75HeW84MeHkF:FblFG8hDZR4zN8C26lL14
Static task: static1
Behavioral task: behavioral1
- Sample: a22cb5adac759fff16b4d45fd78a8dcf_JaffaCakes118.exe
- Resource: win7-20241010-en
Malware Config
Targets
- Target: a22cb5adac759fff16b4d45fd78a8dcf_JaffaCakes118
- Cycbot family
- Detects Cycbot payload
  Cycbot is a backdoor and trojan written in C++.
- Modifies WinLogon for persistence