General
-
Target
c776740e3d9467a378e3091ec49fc89b_JaffaCakes118
-
Size
180KB
-
Sample
241205-nhndrsslcs
-
MD5
c776740e3d9467a378e3091ec49fc89b
-
SHA1
69c031fe483f3a36522be631abb64cc65638010e
-
SHA256
f5295c773bbbd5a41425a5c739b729467541d5147988b4ba75f7a4935755f74e
-
SHA512
4bc093dbfeb0dbb23e7af61adb12d92e7e0bc61156573fda02192025c082afda55c6e44c25a2d0c59c3bf738d3c5c74c498cfdaa8a7b170d309faa9077896fe7
-
SSDEEP
3072:zsSH+JRKjA2HLadFMeOknXzmwMPFWdkuG59kjeWZCIErpGBjBTa+nudzSHmR:QbkA2reFXTnjgFyS9QoxKjBTtgzOm
Malware Config
Targets
-
-
Target
c776740e3d9467a378e3091ec49fc89b_JaffaCakes118
-
Size
180KB
-
MD5
c776740e3d9467a378e3091ec49fc89b
-
SHA1
69c031fe483f3a36522be631abb64cc65638010e
-
SHA256
f5295c773bbbd5a41425a5c739b729467541d5147988b4ba75f7a4935755f74e
-
SHA512
4bc093dbfeb0dbb23e7af61adb12d92e7e0bc61156573fda02192025c082afda55c6e44c25a2d0c59c3bf738d3c5c74c498cfdaa8a7b170d309faa9077896fe7
-
SSDEEP
3072:zsSH+JRKjA2HLadFMeOknXzmwMPFWdkuG59kjeWZCIErpGBjBTa+nudzSHmR:QbkA2reFXTnjgFyS9QoxKjBTtgzOm
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-