General
-
Target
f7b2f2255010c0f47614dd4328cf8de3_JaffaCakes118
-
Size
182KB
-
Sample
241216-g2mg9axqdy
-
MD5
f7b2f2255010c0f47614dd4328cf8de3
-
SHA1
28583e79542d08552365c38b690b5bcde7de699c
-
SHA256
e1c673dabe9a00662939ae5ad0dce3bcf81aebed0b21bf51f2e49b220bf63ead
-
SHA512
12954920361eefd4277503f17f3431e45316c93bd6b6ece27df2d023f9eccb7c5d2b730ca0708538404621273374f817842e8e18b1fbf341df15895eb1a10603
-
SSDEEP
3072:I0p0irQstIKCPyLnN8pVTezgIzfFe6Lp91uSmY8C0qoaIoJH/9BiupNH+JLFAFYh:5QsuKCPyDGpVTez7fFea+SmY8C0CIoJ/
Malware Config
Targets
-
-
Target
f7b2f2255010c0f47614dd4328cf8de3_JaffaCakes118
-
Size
182KB
-
MD5
f7b2f2255010c0f47614dd4328cf8de3
-
SHA1
28583e79542d08552365c38b690b5bcde7de699c
-
SHA256
e1c673dabe9a00662939ae5ad0dce3bcf81aebed0b21bf51f2e49b220bf63ead
-
SHA512
12954920361eefd4277503f17f3431e45316c93bd6b6ece27df2d023f9eccb7c5d2b730ca0708538404621273374f817842e8e18b1fbf341df15895eb1a10603
-
SSDEEP
3072:I0p0irQstIKCPyLnN8pVTezgIzfFe6Lp91uSmY8C0qoaIoJH/9BiupNH+JLFAFYh:5QsuKCPyDGpVTez7fFea+SmY8C0CIoJ/
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-