General
-
Target
ed14d36ef751292185845576e9310e1b_JaffaCakes118
-
Size
191KB
-
Sample
241213-2r4c8sslem
-
MD5
ed14d36ef751292185845576e9310e1b
-
SHA1
af05b4d1399e6b101ac91d0a1024c7838b15d09c
-
SHA256
e9732b3134c86949f6bb3b983a490bdd77a8edfe1b6f3122a3560341948a644f
-
SHA512
128a4fcff995814705ccacf3ba527b4718eefb48e0a259af97609ccd0729499d3f51bdeeb184e8d2d2e02da33ecca9ed4410a916a64e4424a5124bebd7e387a1
-
SSDEEP
3072:u8Jms5o+YrlOhGOyy8KaBiQbBvEBGhxXEvIxntMut9jwJRF8ejb+O8Ak9NJ:u8JmCF3h7yhKuH1vEQFEvINSuDjkgqKl
Malware Config
Targets
-
-
Target
ed14d36ef751292185845576e9310e1b_JaffaCakes118
-
Size
191KB
-
MD5
ed14d36ef751292185845576e9310e1b
-
SHA1
af05b4d1399e6b101ac91d0a1024c7838b15d09c
-
SHA256
e9732b3134c86949f6bb3b983a490bdd77a8edfe1b6f3122a3560341948a644f
-
SHA512
128a4fcff995814705ccacf3ba527b4718eefb48e0a259af97609ccd0729499d3f51bdeeb184e8d2d2e02da33ecca9ed4410a916a64e4424a5124bebd7e387a1
-
SSDEEP
3072:u8Jms5o+YrlOhGOyy8KaBiQbBvEBGhxXEvIxntMut9jwJRF8ejb+O8Ak9NJ:u8JmCF3h7yhKuH1vEQFEvINSuDjkgqKl
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-