General
-
Target
fd4575948af4915c4cbeabfec0ef3675_JaffaCakes118
-
Size
178KB
-
Sample
241218-1tjk6stqfm
-
MD5
fd4575948af4915c4cbeabfec0ef3675
-
SHA1
fed1aa052d6c28c0668f1d24dcf5ba03ace24266
-
SHA256
e5a1b30146921c278a8d7a4f19e96c5a742cfc4d683d27e73c7e23f2c324f763
-
SHA512
03b0246b4c55c5b62a528d9a6410295c9374978e35a21e1b1d98550720bdde47fb4c27d5a74cea2fae1e6588423e9d6030adbab1ecd3ec117794048a0f92b265
-
SSDEEP
3072:jPajLWEGUhzyvHUpykkZWeS1B7a4GF7/hYYbqbdd+LjMI9gxj2ZJsZ:jPafW5AS0IWe0B7a4GZ3+pejMhxj2ZJ0
Malware Config
Targets
-
-
Target
fd4575948af4915c4cbeabfec0ef3675_JaffaCakes118
-
Size
178KB
-
MD5
fd4575948af4915c4cbeabfec0ef3675
-
SHA1
fed1aa052d6c28c0668f1d24dcf5ba03ace24266
-
SHA256
e5a1b30146921c278a8d7a4f19e96c5a742cfc4d683d27e73c7e23f2c324f763
-
SHA512
03b0246b4c55c5b62a528d9a6410295c9374978e35a21e1b1d98550720bdde47fb4c27d5a74cea2fae1e6588423e9d6030adbab1ecd3ec117794048a0f92b265
-
SSDEEP
3072:jPajLWEGUhzyvHUpykkZWeS1B7a4GF7/hYYbqbdd+LjMI9gxj2ZJsZ:jPafW5AS0IWe0B7a4GZ3+pejMhxj2ZJ0
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-