General
-
Target
d38f9da10581250033729bbf65245425_JaffaCakes118
-
Size
194KB
-
Sample
241207-zntzaasrcx
-
MD5
d38f9da10581250033729bbf65245425
-
SHA1
351ecb03baca1d34c2dcf2c2fc1dd5a468cecfaf
-
SHA256
b17612d02590ad22f75cdc0299428a418a3a44f8070db979d34d50e0f01e4411
-
SHA512
3a062ff3930190d0732944f6f41f0d52b0fbfa8659c296904a4e3a91a73c74b7b03dc3109343f37700be8a486d7646bef43c1467a46e7cc7f11929b7142d6514
-
SSDEEP
3072:/s5eZWt2qBlbU/+7nir7MtyU1PcyImp8wXi5t20zyFHR8ua0DpgewelMv02s:05jjaxr7MtN3IuqtNzyFxafewAO8
Malware Config
Targets
-
-
Target
d38f9da10581250033729bbf65245425_JaffaCakes118
-
Size
194KB
-
MD5
d38f9da10581250033729bbf65245425
-
SHA1
351ecb03baca1d34c2dcf2c2fc1dd5a468cecfaf
-
SHA256
b17612d02590ad22f75cdc0299428a418a3a44f8070db979d34d50e0f01e4411
-
SHA512
3a062ff3930190d0732944f6f41f0d52b0fbfa8659c296904a4e3a91a73c74b7b03dc3109343f37700be8a486d7646bef43c1467a46e7cc7f11929b7142d6514
-
SSDEEP
3072:/s5eZWt2qBlbU/+7nir7MtyU1PcyImp8wXi5t20zyFHR8ua0DpgewelMv02s:05jjaxr7MtN3IuqtNzyFxafewAO8
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-