General
-
Target
e3f540d2c1bec03f3dacc75d0057b942_JaffaCakes118
-
Size
176KB
-
Sample
241212-a8b7jayper
-
MD5
e3f540d2c1bec03f3dacc75d0057b942
-
SHA1
ce65f2ba83a7d9d997566c60ff0f43fe8565d348
-
SHA256
319edcd705e76c1ae09e9ef383a964a042c71d6cd859f6181ab7b16d678e4afe
-
SHA512
b7c81f66d52be1a28049d8f7220453611cee326f6ccbf458b37aa0f1ca4f7b36fc4303d381aeb62ddb0623f0b45f6b779a4dc6b7380f843d1cb98a086d190baa
-
SSDEEP
3072:/CsNAKJx/U5Z5X81JAhMcQM3+2Kl9Vd/PwmJ35I7EFEes5iPMARCksh2c6JNB5oS:/DAQG5GJgMcvgl/Pwc36OpXR+hF6z7bX
Malware Config
Targets
-
-
Target
e3f540d2c1bec03f3dacc75d0057b942_JaffaCakes118
-
Size
176KB
-
MD5
e3f540d2c1bec03f3dacc75d0057b942
-
SHA1
ce65f2ba83a7d9d997566c60ff0f43fe8565d348
-
SHA256
319edcd705e76c1ae09e9ef383a964a042c71d6cd859f6181ab7b16d678e4afe
-
SHA512
b7c81f66d52be1a28049d8f7220453611cee326f6ccbf458b37aa0f1ca4f7b36fc4303d381aeb62ddb0623f0b45f6b779a4dc6b7380f843d1cb98a086d190baa
-
SSDEEP
3072:/CsNAKJx/U5Z5X81JAhMcQM3+2Kl9Vd/PwmJ35I7EFEes5iPMARCksh2c6JNB5oS:/DAQG5GJgMcvgl/Pwc36OpXR+hF6z7bX
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-