General
-
Target
fb7ef3489999a8c0dbbf3ab3d1a52e9f_JaffaCakes118
-
Size
192KB
-
Sample
241218-pd5ypaykgs
-
MD5
fb7ef3489999a8c0dbbf3ab3d1a52e9f
-
SHA1
c693364964d2eb6089adbf4fea6633759a2f159e
-
SHA256
b29badfe1d05f069c0f6e0e63771a11c9e65e18241186d952b9ee1b86dc22a9c
-
SHA512
3aea7c967a3218f3ca1222ab06faa2e0f0b8e1dc463dc4c03d75115025c0cd09ff357ec59737b961cee954ed37edc04af317010002c66e64d4f32d93c73c06a1
-
SSDEEP
3072:7ZcAnmLBUnEj04GIYOvqdjqyd8KfG4Sd47pXQiBuAPPOQFJsfoCPB:7ZamnEjJGIbCdfbeopXQiBfPLFyoCPB
Malware Config
Targets
-
-
Target
fb7ef3489999a8c0dbbf3ab3d1a52e9f_JaffaCakes118
-
Size
192KB
-
MD5
fb7ef3489999a8c0dbbf3ab3d1a52e9f
-
SHA1
c693364964d2eb6089adbf4fea6633759a2f159e
-
SHA256
b29badfe1d05f069c0f6e0e63771a11c9e65e18241186d952b9ee1b86dc22a9c
-
SHA512
3aea7c967a3218f3ca1222ab06faa2e0f0b8e1dc463dc4c03d75115025c0cd09ff357ec59737b961cee954ed37edc04af317010002c66e64d4f32d93c73c06a1
-
SSDEEP
3072:7ZcAnmLBUnEj04GIYOvqdjqyd8KfG4Sd47pXQiBuAPPOQFJsfoCPB:7ZamnEjJGIbCdfbeopXQiBfPLFyoCPB
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-