General
-
Target
c563736c91d85771c5f0f69e34377a39_JaffaCakes118
-
Size
189KB
-
Sample
241205-cjhzwssqdt
-
MD5
c563736c91d85771c5f0f69e34377a39
-
SHA1
9a4fce814020686662d5efe6d703319e367140cf
-
SHA256
e656c8fcffe3d4d8aa4702dd9dd313cee0af4e6192f0551751bb72b55e075eb6
-
SHA512
996eb8e63b3f55cd5820275e81a0772355be3db9bf2c4f93a5b500c1033afd15120fa9e05c0a72fbbd2e9fea2fd5e9c17d442a258c31b1bb6c5dd71b4fa26bb6
-
SSDEEP
3072:HmBOfy3tLGb8uCzMkNxbwzVyUsSxowgVpYWjshXX99DKGavdoZP6n6i:Zfy3tLaCzjPWVrOxaKGavWZP6n6
Malware Config
Targets
-
-
Target
c563736c91d85771c5f0f69e34377a39_JaffaCakes118
-
Size
189KB
-
MD5
c563736c91d85771c5f0f69e34377a39
-
SHA1
9a4fce814020686662d5efe6d703319e367140cf
-
SHA256
e656c8fcffe3d4d8aa4702dd9dd313cee0af4e6192f0551751bb72b55e075eb6
-
SHA512
996eb8e63b3f55cd5820275e81a0772355be3db9bf2c4f93a5b500c1033afd15120fa9e05c0a72fbbd2e9fea2fd5e9c17d442a258c31b1bb6c5dd71b4fa26bb6
-
SSDEEP
3072:HmBOfy3tLGb8uCzMkNxbwzVyUsSxowgVpYWjshXX99DKGavdoZP6n6i:Zfy3tLaCzjPWVrOxaKGavWZP6n6
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-