General
-
Target
fb34855b4d25f6d0b5e9cf19333c2567_JaffaCakes118
-
Size
179KB
-
Sample
241218-mp2paswqgl
-
MD5
fb34855b4d25f6d0b5e9cf19333c2567
-
SHA1
76adab16924d612346c0d328bce496be8086ceb8
-
SHA256
630687176413d8e68dec7840c3c88e1f7a65f8cd6d402f887591b76bf6465d35
-
SHA512
3e9ea5c5d08eb80c3d32ef7c7574ce88b872447142303bef0f63248c90513f57a8a90a1ed2625a91e86ce8e5e6385bba6d7884b1ae780f9244d941e82dcf60e8
-
SSDEEP
3072:H/1Y3dTmqeHrJ8rMG9gdy56SineLakifm510IeEUpZ8+SQMqJAK0V:9Y3YqeHrg2sOneLamjcJ/8+SQMsAv
Malware Config
Targets
-
-
Target
fb34855b4d25f6d0b5e9cf19333c2567_JaffaCakes118
-
Size
179KB
-
MD5
fb34855b4d25f6d0b5e9cf19333c2567
-
SHA1
76adab16924d612346c0d328bce496be8086ceb8
-
SHA256
630687176413d8e68dec7840c3c88e1f7a65f8cd6d402f887591b76bf6465d35
-
SHA512
3e9ea5c5d08eb80c3d32ef7c7574ce88b872447142303bef0f63248c90513f57a8a90a1ed2625a91e86ce8e5e6385bba6d7884b1ae780f9244d941e82dcf60e8
-
SSDEEP
3072:H/1Y3dTmqeHrJ8rMG9gdy56SineLakifm510IeEUpZ8+SQMqJAK0V:9Y3YqeHrg2sOneLamjcJ/8+SQMsAv
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-