General
-
Target
d843ed7797a1b6badb49e470fc1c3bf5_JaffaCakes118
-
Size
188KB
-
Sample
241208-wdevts1jfs
-
MD5
d843ed7797a1b6badb49e470fc1c3bf5
-
SHA1
52677bf39bf135cc1ba20bf977a9d7a66380a275
-
SHA256
bcc0d4497e6ac32a89d86f2c74576f8e9d6b0fb2c2cc1de9c990da62efbf0c4d
-
SHA512
52ccc0c1f91c3fa40792b6de56739d06841970b05545a95b1def99c7ff19d110fc461ccc50f6d0362f4787944d8e7c34067d9ac3b14850affed251e1e1ebc7c0
-
SSDEEP
3072:QTSaJ22Emo4VEY7Ia6Cc9GGlVPNmRqKt3rDoRaSTZ8fMZYr2XYDokydjfksS6tpv:GSaJPEmo4WuV/c9lP4PtDXmZBZYqQobP
Malware Config
Targets
-
-
Target
d843ed7797a1b6badb49e470fc1c3bf5_JaffaCakes118
-
Size
188KB
-
MD5
d843ed7797a1b6badb49e470fc1c3bf5
-
SHA1
52677bf39bf135cc1ba20bf977a9d7a66380a275
-
SHA256
bcc0d4497e6ac32a89d86f2c74576f8e9d6b0fb2c2cc1de9c990da62efbf0c4d
-
SHA512
52ccc0c1f91c3fa40792b6de56739d06841970b05545a95b1def99c7ff19d110fc461ccc50f6d0362f4787944d8e7c34067d9ac3b14850affed251e1e1ebc7c0
-
SSDEEP
3072:QTSaJ22Emo4VEY7Ia6Cc9GGlVPNmRqKt3rDoRaSTZ8fMZYr2XYDokydjfksS6tpv:GSaJPEmo4WuV/c9lP4PtDXmZBZYqQobP
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-