General
-
Target
efef3aa799d18128f6198c33a503ef27_JaffaCakes118
-
Size
195KB
-
Sample
241214-v8x48ayrht
-
MD5
efef3aa799d18128f6198c33a503ef27
-
SHA1
b8ccbbb683a03d5013c1e9081a4e49960ddfe706
-
SHA256
85b47ed30e3e470af594380e5b80867d5f02ab88883f60f42c372f283443515c
-
SHA512
7fe3038c3877546ce47c2f800e0fc44944a6b47b9ab3b08b69a309f2d309c7c12fbf16bf67b9bc6418228a387abdd9b974ebc79a5d3ded4563ad5430f570dc02
-
SSDEEP
3072:Mn47PND/60tW2D2oFPPHBUOfaZzsHH9CAjJBdpOfUmBtRdQQ4kOFJXTY9SMI:WkPp6P2D2GXHzDnIoVpHmBtPR8ZpM
Malware Config
Targets
-
-
Target
efef3aa799d18128f6198c33a503ef27_JaffaCakes118
-
Size
195KB
-
MD5
efef3aa799d18128f6198c33a503ef27
-
SHA1
b8ccbbb683a03d5013c1e9081a4e49960ddfe706
-
SHA256
85b47ed30e3e470af594380e5b80867d5f02ab88883f60f42c372f283443515c
-
SHA512
7fe3038c3877546ce47c2f800e0fc44944a6b47b9ab3b08b69a309f2d309c7c12fbf16bf67b9bc6418228a387abdd9b974ebc79a5d3ded4563ad5430f570dc02
-
SSDEEP
3072:Mn47PND/60tW2D2oFPPHBUOfaZzsHH9CAjJBdpOfUmBtRdQQ4kOFJXTY9SMI:WkPp6P2D2GXHzDnIoVpHmBtPR8ZpM
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-