General
-
Target
e8093b46dddc0bcba074968e5a6b33c5_JaffaCakes118
-
Size
172KB
-
Sample
241212-yqtkvswjhy
-
MD5
e8093b46dddc0bcba074968e5a6b33c5
-
SHA1
934dbc167f20e6f592b193db0f2532aecbdd1004
-
SHA256
3cb2a63bfeab8a67731332b7f61675aa13344d26445e8df2932fcc790d0f314b
-
SHA512
d6171bd08aae1e7b967da1c5ea0aa321ead3d26910bcfc089df4f8191892ef76a9f609cbf9896e3ed79803b7870febe723bb1582dcc45a2c1b1007b6db8c2ac3
-
SSDEEP
3072:MNWW+DLaq5zn1w6+/Mdpt2l2Ha8YExPeOWL9YpW8Q4LGWF9wh7hN6cK9XGWDoIkR:MNfMLaUeYd4268YEWOWBYg+gthN6cK9g
Malware Config
Targets
-
-
Target
e8093b46dddc0bcba074968e5a6b33c5_JaffaCakes118
-
Size
172KB
-
MD5
e8093b46dddc0bcba074968e5a6b33c5
-
SHA1
934dbc167f20e6f592b193db0f2532aecbdd1004
-
SHA256
3cb2a63bfeab8a67731332b7f61675aa13344d26445e8df2932fcc790d0f314b
-
SHA512
d6171bd08aae1e7b967da1c5ea0aa321ead3d26910bcfc089df4f8191892ef76a9f609cbf9896e3ed79803b7870febe723bb1582dcc45a2c1b1007b6db8c2ac3
-
SSDEEP
3072:MNWW+DLaq5zn1w6+/Mdpt2l2Ha8YExPeOWL9YpW8Q4LGWF9wh7hN6cK9XGWDoIkR:MNfMLaUeYd4268YEWOWBYg+gthN6cK9g
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-