General
-
Target
f22e44ce0a211e269675e7f83a1671ac_JaffaCakes118
-
Size
172KB
-
Sample
241215-ekd4fatkes
-
MD5
f22e44ce0a211e269675e7f83a1671ac
-
SHA1
4aa196c923cb820c5e7c9a73a45ca7051c8995f5
-
SHA256
b4e7d61c7bc8d1de5cef00631f590944604df0a35c1da3c9387f6ed13ba831a5
-
SHA512
4bd2180ee5a98effd5fb643f7bb16cbf7d8d919fb32fb3c350d01ab1e664534f3c24dfaaaf1d2ed7a88d3114c2aaf2f4862157faca9744c3010ed24dbffd3271
-
SSDEEP
3072:jIs0loJfuALqzYjZ6HXg6TdwXy9ngQXcqNhbJVuHE/y/COPfaRYv0qQxA/9T0:7UoNgYjKgmdyigQXHhdoH2yZPftv0+
Malware Config
Targets
-
-
Target
f22e44ce0a211e269675e7f83a1671ac_JaffaCakes118
-
Size
172KB
-
MD5
f22e44ce0a211e269675e7f83a1671ac
-
SHA1
4aa196c923cb820c5e7c9a73a45ca7051c8995f5
-
SHA256
b4e7d61c7bc8d1de5cef00631f590944604df0a35c1da3c9387f6ed13ba831a5
-
SHA512
4bd2180ee5a98effd5fb643f7bb16cbf7d8d919fb32fb3c350d01ab1e664534f3c24dfaaaf1d2ed7a88d3114c2aaf2f4862157faca9744c3010ed24dbffd3271
-
SSDEEP
3072:jIs0loJfuALqzYjZ6HXg6TdwXy9ngQXcqNhbJVuHE/y/COPfaRYv0qQxA/9T0:7UoNgYjKgmdyigQXHhdoH2yZPftv0+
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-