General
-
Target
cef48e5641250c596ce7d6e11d26b8f7_JaffaCakes118
-
Size
185KB
-
Sample
241206-zl27wasqek
-
MD5
cef48e5641250c596ce7d6e11d26b8f7
-
SHA1
7e0b96f17fd0cf008fb8e1b7e3ecc8ddaff4d499
-
SHA256
bd401ead48f51850e609c016fe7d5b6a30da3fe0912233aacb4de564aeff3c55
-
SHA512
7e2435cdd81bf63800b8772e55194e35eff2819242d0d6d1195c3ab8e5a76c3bf7876dfbe0968c329ab6734c799cf056f6f4f9b944a1db41e6d563abe8cc8445
-
SSDEEP
3072:60eAvneRSCsLuHuhwBou1RcBeBoulQHwtdsEY0ecXQNVtNvUEk/AG0LU7Zs9:ZHeRS/LuHHFRKstoW6BcXQNVPUD/GU
Malware Config
Targets
-
-
Target
cef48e5641250c596ce7d6e11d26b8f7_JaffaCakes118
-
Size
185KB
-
MD5
cef48e5641250c596ce7d6e11d26b8f7
-
SHA1
7e0b96f17fd0cf008fb8e1b7e3ecc8ddaff4d499
-
SHA256
bd401ead48f51850e609c016fe7d5b6a30da3fe0912233aacb4de564aeff3c55
-
SHA512
7e2435cdd81bf63800b8772e55194e35eff2819242d0d6d1195c3ab8e5a76c3bf7876dfbe0968c329ab6734c799cf056f6f4f9b944a1db41e6d563abe8cc8445
-
SSDEEP
3072:60eAvneRSCsLuHuhwBou1RcBeBoulQHwtdsEY0ecXQNVtNvUEk/AG0LU7Zs9:ZHeRS/LuHHFRKstoW6BcXQNVPUD/GU
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-