General
-
Target
ff99e9716fc1b552aa546aa53f64e083_JaffaCakes118
-
Size
166KB
-
Sample
241219-m5ybtaskaq
-
MD5
ff99e9716fc1b552aa546aa53f64e083
-
SHA1
c5e50089a0645ef215ddc38b387858892db1033b
-
SHA256
57ea452f46004366ebd8a2c47dcdbad93c6dcfb0d704ff6ec41e13f97b206258
-
SHA512
ff6da5c2b5d36d51477ea5ce1e8ef5814695d83df42840c058f35db5c4ad6530c0cfd0dde23c30daf98ae79b214be83126111dc1374cbe6cc855bdcd444f1fbc
-
SSDEEP
3072:dLVnKCZk+IFAUY/8dWFJVcVvLqCv80KsDFCXlvdHArtX8S+TJ38eHxYIx2X7:dLdk+eAV/8d4AzqCvn9FCXlVgp0NHU
Malware Config
Targets
-
-
Target
ff99e9716fc1b552aa546aa53f64e083_JaffaCakes118
-
Size
166KB
-
MD5
ff99e9716fc1b552aa546aa53f64e083
-
SHA1
c5e50089a0645ef215ddc38b387858892db1033b
-
SHA256
57ea452f46004366ebd8a2c47dcdbad93c6dcfb0d704ff6ec41e13f97b206258
-
SHA512
ff6da5c2b5d36d51477ea5ce1e8ef5814695d83df42840c058f35db5c4ad6530c0cfd0dde23c30daf98ae79b214be83126111dc1374cbe6cc855bdcd444f1fbc
-
SSDEEP
3072:dLVnKCZk+IFAUY/8dWFJVcVvLqCv80KsDFCXlvdHArtX8S+TJ38eHxYIx2X7:dLdk+eAV/8d4AzqCvn9FCXlVgp0NHU
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-