General
-
Target
fae1c8b620dc64415227f36408a83c57_JaffaCakes118
-
Size
184KB
-
Sample
241218-ksqp4asjht
-
MD5
fae1c8b620dc64415227f36408a83c57
-
SHA1
7bbcdb378d141a1f7af1da63369b0e7aad8e5235
-
SHA256
b15360d4a76354cbc0dcec4fc03f527f734a16ab923f874c5e5b7f633cb5e805
-
SHA512
95dc345b29dbc1b7a53cf54295442c55337bc13a0b07fdaac825e31a9088a97c15e6603db539c7d53b0d8fe05b999fe94d6932c3949d13d0eb16dbfa347548c6
-
SSDEEP
3072:b4ebMAvdJrQGuLIn2s8m2HF8LqCHfXeKHxbBgYJiH0yCKuv8Lc+5:8AvTrTaJs8m2HunXnRNBJiH0yC5s
Malware Config
Targets
-
-
Target
fae1c8b620dc64415227f36408a83c57_JaffaCakes118
-
Size
184KB
-
MD5
fae1c8b620dc64415227f36408a83c57
-
SHA1
7bbcdb378d141a1f7af1da63369b0e7aad8e5235
-
SHA256
b15360d4a76354cbc0dcec4fc03f527f734a16ab923f874c5e5b7f633cb5e805
-
SHA512
95dc345b29dbc1b7a53cf54295442c55337bc13a0b07fdaac825e31a9088a97c15e6603db539c7d53b0d8fe05b999fe94d6932c3949d13d0eb16dbfa347548c6
-
SSDEEP
3072:b4ebMAvdJrQGuLIn2s8m2HF8LqCHfXeKHxbBgYJiH0yCKuv8Lc+5:8AvTrTaJs8m2HunXnRNBJiH0yC5s
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-