General
-
Target
e3d729008ed808f563b68f06cfb2c093_JaffaCakes118
-
Size
189KB
-
Sample
241212-al71patmbs
-
MD5
e3d729008ed808f563b68f06cfb2c093
-
SHA1
f780bc199468766258ff509aa7adb1500912bc7b
-
SHA256
747bd403b404279ad7981079bb1a8dee9e00aefa2e1f623341607d85c43638fd
-
SHA512
720ba86a144028a39306ea1f1800d2d95f82e8273413ea27c8a57fd3f5794fed3469bee399359d7ec21f255445a65a39a76babf9053c8e79df33cc2ad2139560
-
SSDEEP
3072:BE6+FFjTnlUhu0DyQCKEDzvEJ5VPmYSq344mhmtW35EadFDuozOzL:ubB6jyQCK665UYSqIxmqE+FDuoIL
Malware Config
Targets
-
-
Target
e3d729008ed808f563b68f06cfb2c093_JaffaCakes118
-
Size
189KB
-
MD5
e3d729008ed808f563b68f06cfb2c093
-
SHA1
f780bc199468766258ff509aa7adb1500912bc7b
-
SHA256
747bd403b404279ad7981079bb1a8dee9e00aefa2e1f623341607d85c43638fd
-
SHA512
720ba86a144028a39306ea1f1800d2d95f82e8273413ea27c8a57fd3f5794fed3469bee399359d7ec21f255445a65a39a76babf9053c8e79df33cc2ad2139560
-
SSDEEP
3072:BE6+FFjTnlUhu0DyQCKEDzvEJ5VPmYSq344mhmtW35EadFDuozOzL:ubB6jyQCK665UYSqIxmqE+FDuoIL
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-