General
-
Target
ddfb85764d24d7a35245c9ef639cc366_JaffaCakes118
-
Size
168KB
-
Sample
241210-wfsjpswrgr
-
MD5
ddfb85764d24d7a35245c9ef639cc366
-
SHA1
5141c6ed42f0fdd693876577ba49f0856c484d08
-
SHA256
6040852a791234b018bccf9276763e3ba3db726e98156b4b2a318a10aed74f11
-
SHA512
67c89719b92f8b2c2c191ac612a3415613a26e22f92b07e980a4e8cefa6accf9d5067c3e7b13a340806ffa2264f5586d07c5049f3b457227470a82e29945063d
-
SSDEEP
3072:rD9aoju4GJnPRsWGTuTO8D7ZTBvYZgnpHphHkRaJB1P+76h8y7hm5D1muwGn/aDm:H9aqG5psjTuTFqZgnBcAyy7e1b3e3C3t
Malware Config
Targets
-
-
Target
ddfb85764d24d7a35245c9ef639cc366_JaffaCakes118
-
Size
168KB
-
MD5
ddfb85764d24d7a35245c9ef639cc366
-
SHA1
5141c6ed42f0fdd693876577ba49f0856c484d08
-
SHA256
6040852a791234b018bccf9276763e3ba3db726e98156b4b2a318a10aed74f11
-
SHA512
67c89719b92f8b2c2c191ac612a3415613a26e22f92b07e980a4e8cefa6accf9d5067c3e7b13a340806ffa2264f5586d07c5049f3b457227470a82e29945063d
-
SSDEEP
3072:rD9aoju4GJnPRsWGTuTO8D7ZTBvYZgnpHphHkRaJB1P+76h8y7hm5D1muwGn/aDm:H9aqG5psjTuTFqZgnBcAyy7e1b3e3C3t
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-