General
-
Target
f00b22133decb7741075874e71c7f044_JaffaCakes118
-
Size
179KB
-
Sample
241214-wr2azsznat
-
MD5
f00b22133decb7741075874e71c7f044
-
SHA1
df7ec7102a71f2cab5a9371e94e681348c3d6482
-
SHA256
b2211ed17c01dc1d776917f2118523861019cf31bb5950b2df66558e1eda2b50
-
SHA512
479f22801709b3347e88a276fcafd60b4c2d5d372768a42396e28bd3d8d2a78546915bf156b082b50d2090f310dea0a2438835e75d4a619ef9b916070f890e3a
-
SSDEEP
3072:dzsZiout/AXYFpqBGygV8XyrH7HqQyAUdiSQPdaTQe1cuhk8OVcs6IHLaD7ZOhjY:aZjuAXYLqBpgVkkHTDUd9Q1a8rH8OVPK
Malware Config
Targets
-
-
Target
f00b22133decb7741075874e71c7f044_JaffaCakes118
-
Size
179KB
-
MD5
f00b22133decb7741075874e71c7f044
-
SHA1
df7ec7102a71f2cab5a9371e94e681348c3d6482
-
SHA256
b2211ed17c01dc1d776917f2118523861019cf31bb5950b2df66558e1eda2b50
-
SHA512
479f22801709b3347e88a276fcafd60b4c2d5d372768a42396e28bd3d8d2a78546915bf156b082b50d2090f310dea0a2438835e75d4a619ef9b916070f890e3a
-
SSDEEP
3072:dzsZiout/AXYFpqBGygV8XyrH7HqQyAUdiSQPdaTQe1cuhk8OVcs6IHLaD7ZOhjY:aZjuAXYLqBpgVkkHTDUd9Q1a8rH8OVPK
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-