General
-
Target
e9981d36726dbb73c41a9cb316b7216e_JaffaCakes118
-
Size
168KB
-
Sample
241213-dldcvswqgy
-
MD5
e9981d36726dbb73c41a9cb316b7216e
-
SHA1
4e68febd2d459b49d87571b94cf379501cfb0dae
-
SHA256
f5d62333bef69a364a02add353740faba3c8cca6d0ce61296d9f2ad0e93b5af8
-
SHA512
b0d9bc4c7c48975bba102d54a2e72acb1f6a16d0e651f3d37ebbdd70595032a5a7c22ce0b5dca29aa88c93d8d16280674faa3a7eb014e3506eddaffb917eccff
-
SSDEEP
3072:FUdo2Ikz/Kf4fvD0b+8rHNI/o8zUhJIOxX669D4/15DxG7ls19+PHQ9:uO2IWKf4fvC+au/sPhonDouaPHQ9
Malware Config
Targets
-
-
Target
e9981d36726dbb73c41a9cb316b7216e_JaffaCakes118
-
Size
168KB
-
MD5
e9981d36726dbb73c41a9cb316b7216e
-
SHA1
4e68febd2d459b49d87571b94cf379501cfb0dae
-
SHA256
f5d62333bef69a364a02add353740faba3c8cca6d0ce61296d9f2ad0e93b5af8
-
SHA512
b0d9bc4c7c48975bba102d54a2e72acb1f6a16d0e651f3d37ebbdd70595032a5a7c22ce0b5dca29aa88c93d8d16280674faa3a7eb014e3506eddaffb917eccff
-
SSDEEP
3072:FUdo2Ikz/Kf4fvD0b+8rHNI/o8zUhJIOxX669D4/15DxG7ls19+PHQ9:uO2IWKf4fvC+au/sPhonDouaPHQ9
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-