General
-
Target
eea249bcdd0d2acf69655bc5adb1fc13_JaffaCakes118
-
Size
173KB
-
Sample
241214-n27lraspak
-
MD5
eea249bcdd0d2acf69655bc5adb1fc13
-
SHA1
bb81179acc434a470b10c8d7e19765c60176f66c
-
SHA256
bb592e71f9723732693985f74eaf4c3b3afc289e2c623087cdd6791108659a4f
-
SHA512
182678e55715172bd22f08d245fafa53f202a40203bf220c9d0ee54feaa9b4a6f131193e124131900cfd97ce4c8dfa94efe8a6ede727737dd1421054bd33cf19
-
SSDEEP
3072:NeMmkP7JvG7877LfMedWxqDtIbGqqT/MJZkjadWmZn3pjuj8AjHS75rpxB:5dGjuWTGqqT/IXd5R5ju4AI
Malware Config
Targets
-
-
Target
eea249bcdd0d2acf69655bc5adb1fc13_JaffaCakes118
-
Size
173KB
-
MD5
eea249bcdd0d2acf69655bc5adb1fc13
-
SHA1
bb81179acc434a470b10c8d7e19765c60176f66c
-
SHA256
bb592e71f9723732693985f74eaf4c3b3afc289e2c623087cdd6791108659a4f
-
SHA512
182678e55715172bd22f08d245fafa53f202a40203bf220c9d0ee54feaa9b4a6f131193e124131900cfd97ce4c8dfa94efe8a6ede727737dd1421054bd33cf19
-
SSDEEP
3072:NeMmkP7JvG7877LfMedWxqDtIbGqqT/MJZkjadWmZn3pjuj8AjHS75rpxB:5dGjuWTGqqT/IXd5R5ju4AI
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-