General
-
Target
fdbb13ab3047f47d961b7bb814717b0c_JaffaCakes118
-
Size
184KB
-
Sample
241219-axgymszlhm
-
MD5
fdbb13ab3047f47d961b7bb814717b0c
-
SHA1
b9521309c9241b87867f1bc96d66cf5629f2543b
-
SHA256
7872d6bd81f83ae74492b5724bf9cbb69feacb37450cfc5269a719eb1caf0ce8
-
SHA512
2f6c5a69e4c0d43355ddfbe8e32dcb04ff9d0b12214f39ae53dbae87b1a2a7d4452de6832e7fbb286831c88660b8cbf80d6b1b46eeaa124b0ce49f4e0f8dbfa5
-
SSDEEP
3072:evX3OzJxnt5hxLqPFRs+eEDv0qv+CUqZiu034z3k29eFBtYV8HhC/u8t3uwL:efAVxeRnPtZR1zUgJVMhC3t+wL
Malware Config
Targets
-
-
Target
fdbb13ab3047f47d961b7bb814717b0c_JaffaCakes118
-
Size
184KB
-
MD5
fdbb13ab3047f47d961b7bb814717b0c
-
SHA1
b9521309c9241b87867f1bc96d66cf5629f2543b
-
SHA256
7872d6bd81f83ae74492b5724bf9cbb69feacb37450cfc5269a719eb1caf0ce8
-
SHA512
2f6c5a69e4c0d43355ddfbe8e32dcb04ff9d0b12214f39ae53dbae87b1a2a7d4452de6832e7fbb286831c88660b8cbf80d6b1b46eeaa124b0ce49f4e0f8dbfa5
-
SSDEEP
3072:evX3OzJxnt5hxLqPFRs+eEDv0qv+CUqZiu034z3k29eFBtYV8HhC/u8t3uwL:efAVxeRnPtZR1zUgJVMhC3t+wL
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-