General
-
Target
da27bcd4562e3294c1e645534cbe042f_JaffaCakes118
-
Size
168KB
-
Sample
241209-r7x62s1mew
-
MD5
da27bcd4562e3294c1e645534cbe042f
-
SHA1
bbd1f875772739ace1241d03eafe63b71222b6c2
-
SHA256
29fd5e422fb5233fa538214586b8b790823af18489d86b5db50d17ea8ebdb317
-
SHA512
8430362fe6be7eb17c607891c60523add034ea5bf02b6bb2cf47b281284c8bf94e3fc40dae6228eeec00b286abe4dfeb4bb3bef3fa332dafecb225e9cc57eae3
-
SSDEEP
3072:S5Wt/iXE2F7S0nmJqPTsEof4R88yz7FzxTiiisHs2fKnqIBYaFIDe3i:SUt/uPdqJqPYEc4WD7FzEbYaFIDeS
Malware Config
Targets
-
-
Target
da27bcd4562e3294c1e645534cbe042f_JaffaCakes118
-
Size
168KB
-
MD5
da27bcd4562e3294c1e645534cbe042f
-
SHA1
bbd1f875772739ace1241d03eafe63b71222b6c2
-
SHA256
29fd5e422fb5233fa538214586b8b790823af18489d86b5db50d17ea8ebdb317
-
SHA512
8430362fe6be7eb17c607891c60523add034ea5bf02b6bb2cf47b281284c8bf94e3fc40dae6228eeec00b286abe4dfeb4bb3bef3fa332dafecb225e9cc57eae3
-
SSDEEP
3072:S5Wt/iXE2F7S0nmJqPTsEof4R88yz7FzxTiiisHs2fKnqIBYaFIDe3i:SUt/uPdqJqPYEc4WD7FzEbYaFIDeS
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-