General
-
Target
ffb1758d5658f6b3158e3f547571f581_JaffaCakes118
-
Size
186KB
-
Sample
241219-nnec2ssrcm
-
MD5
ffb1758d5658f6b3158e3f547571f581
-
SHA1
7a0a5b3ca7725de8fea6a8b4fc3548acb92ae4b9
-
SHA256
b5ebd1807c7ba566efa0aa67411e13dcc41a2474a5c210d915dadd9e34c31cce
-
SHA512
d7172613b9cc9d61464e2eafbb04b6623cca4bae28d5557b95ad9a0ce910d4ab19f9c9a5f245edc805157e552a2a981e3299ab1ffcf193a12429adbd045e7b0b
-
SSDEEP
3072:vAhjPlxyPDatxM8NMW9jKIkV6kSSp91vorArlX3PyYgJcigrJBc4lj0g1jEW:vAhblxg2kZE7FSprvswaAiS/VljrE
Malware Config
Targets
-
-
Target
ffb1758d5658f6b3158e3f547571f581_JaffaCakes118
-
Size
186KB
-
MD5
ffb1758d5658f6b3158e3f547571f581
-
SHA1
7a0a5b3ca7725de8fea6a8b4fc3548acb92ae4b9
-
SHA256
b5ebd1807c7ba566efa0aa67411e13dcc41a2474a5c210d915dadd9e34c31cce
-
SHA512
d7172613b9cc9d61464e2eafbb04b6623cca4bae28d5557b95ad9a0ce910d4ab19f9c9a5f245edc805157e552a2a981e3299ab1ffcf193a12429adbd045e7b0b
-
SSDEEP
3072:vAhjPlxyPDatxM8NMW9jKIkV6kSSp91vorArlX3PyYgJcigrJBc4lj0g1jEW:vAhblxg2kZE7FSprvswaAiS/VljrE
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-