General
-
Target
f65953064573c45a925f00aa50545a71_JaffaCakes118
-
Size
171KB
-
Sample
241216-ace9batmaw
-
MD5
f65953064573c45a925f00aa50545a71
-
SHA1
5e28cbc7b4d48e2fd529b563964e490bbdd44e61
-
SHA256
b706ccbb9fd0401fe3ac0bb6799ca29c031de6eb9c2f859f60442a02e96c8308
-
SHA512
164683d2b8aaa0b7ab939c43fa666acc669efe8c8d6c6743d26780f763a23d48943486d00e8592b8520e2d24981e70716bb5b3a7568ae3d7d0534e9177014813
-
SSDEEP
3072:/9ocr+PgxoG7R/T4Js8o1xlPU6GYYdNeYT/vYRwxR7QCBZwPPB9RfRn/FDyJ6:/VyGvt20vl6YYdNeWYRwzEXPpjGJ6
Malware Config
Targets
-
-
Target
f65953064573c45a925f00aa50545a71_JaffaCakes118
-
Size
171KB
-
MD5
f65953064573c45a925f00aa50545a71
-
SHA1
5e28cbc7b4d48e2fd529b563964e490bbdd44e61
-
SHA256
b706ccbb9fd0401fe3ac0bb6799ca29c031de6eb9c2f859f60442a02e96c8308
-
SHA512
164683d2b8aaa0b7ab939c43fa666acc669efe8c8d6c6743d26780f763a23d48943486d00e8592b8520e2d24981e70716bb5b3a7568ae3d7d0534e9177014813
-
SSDEEP
3072:/9ocr+PgxoG7R/T4Js8o1xlPU6GYYdNeYT/vYRwxR7QCBZwPPB9RfRn/FDyJ6:/VyGvt20vl6YYdNeWYRwzEXPpjGJ6
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-