General
-
Target
dbb6858d9e9275405404c40bf5c39cb4_JaffaCakes118
-
Size
179KB
-
Sample
241209-1rdxxaxpbn
-
MD5
dbb6858d9e9275405404c40bf5c39cb4
-
SHA1
18ce267bb4529b297bad971f758b310ac7b27124
-
SHA256
894c891dc44384c687238b7142c0a6934261be7151cc4ee41c9462d86d1f9f63
-
SHA512
28d4fc9736165fd7afea55e0311d00a74014442e8283a362b4b1297977362f2d351e39aba1a64b27204f592699eb5e6e436d86a09be3a721c4d5b1600a987121
-
SSDEEP
3072:O8Dd7ZvPeBjWR9zvOon0AGtG2JHOV9FZ5OwqAc9z4qUiwGtlZNxRCfn:O8D5ZO1WRFJ0Az2scAwlFNxwfn
Malware Config
Targets
-
-
Target
dbb6858d9e9275405404c40bf5c39cb4_JaffaCakes118
-
Size
179KB
-
MD5
dbb6858d9e9275405404c40bf5c39cb4
-
SHA1
18ce267bb4529b297bad971f758b310ac7b27124
-
SHA256
894c891dc44384c687238b7142c0a6934261be7151cc4ee41c9462d86d1f9f63
-
SHA512
28d4fc9736165fd7afea55e0311d00a74014442e8283a362b4b1297977362f2d351e39aba1a64b27204f592699eb5e6e436d86a09be3a721c4d5b1600a987121
-
SSDEEP
3072:O8Dd7ZvPeBjWR9zvOon0AGtG2JHOV9FZ5OwqAc9z4qUiwGtlZNxRCfn:O8D5ZO1WRFJ0Az2scAwlFNxwfn
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-