General
-
Target
e1cfabd400713b2926a8217f5c63e830_JaffaCakes118
-
Size
174KB
-
Sample
241211-rfsr9aznej
-
MD5
e1cfabd400713b2926a8217f5c63e830
-
SHA1
f6e820e18302bd03d019d666ccbebfc047e854de
-
SHA256
b685112151dac91b905e135bc7013f4f3a0b864bc0ea1f21e40007f749474384
-
SHA512
cdacf68e5e1c681ddc367c6afec58725ebec5a6158536d16a669192e2aacb17424b1ec0ac2cc26c53416d58a628547fd206cd171e246f2edcfc6351c9908fb00
-
SSDEEP
3072:V+XGV3JIxczDgznrwD5UTVCmif0J6L3/bhwoyjsdwU1dwG2zFv8BPlaXd:V+WVZIxczDGEDSTpJ6L3+0SxSPl2
Malware Config
Targets
-
-
Target
e1cfabd400713b2926a8217f5c63e830_JaffaCakes118
-
Size
174KB
-
MD5
e1cfabd400713b2926a8217f5c63e830
-
SHA1
f6e820e18302bd03d019d666ccbebfc047e854de
-
SHA256
b685112151dac91b905e135bc7013f4f3a0b864bc0ea1f21e40007f749474384
-
SHA512
cdacf68e5e1c681ddc367c6afec58725ebec5a6158536d16a669192e2aacb17424b1ec0ac2cc26c53416d58a628547fd206cd171e246f2edcfc6351c9908fb00
-
SSDEEP
3072:V+XGV3JIxczDgznrwD5UTVCmif0J6L3/bhwoyjsdwU1dwG2zFv8BPlaXd:V+WVZIxczDGEDSTpJ6L3+0SxSPl2
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-