General
-
Target
JaffaCakes118_630ae8ca05ce892e1506e7dedc918745
-
Size
158KB
-
Sample
250102-gkwdtswpe1
-
MD5
630ae8ca05ce892e1506e7dedc918745
-
SHA1
ee71a61541175b2f30d9305891a3eb612d79caa1
-
SHA256
2400f7f98f83468d53409430a71705144897ca831a4c570ed9646ef3d730a5b9
-
SHA512
3da5c950b401d9b1c5066a5ee7be09a7322f36e7a18c05f90a97a9d8c07a53db32cae9ff3e2ba3aba3a10642d30980b5e026fbb7a519e1b1adcd9ec9625be6fa
-
SSDEEP
3072:VqePYNNGV8GnDq0e0b0XXH+qx6RlLjWbo2qVPtvTxzODFbZltJJLxU9AW:VFYNA8GnDq0Bb7qxUlLakPtvTtmtl29
Malware Config
Targets
-
-
Target
JaffaCakes118_630ae8ca05ce892e1506e7dedc918745
-
Size
158KB
-
MD5
630ae8ca05ce892e1506e7dedc918745
-
SHA1
ee71a61541175b2f30d9305891a3eb612d79caa1
-
SHA256
2400f7f98f83468d53409430a71705144897ca831a4c570ed9646ef3d730a5b9
-
SHA512
3da5c950b401d9b1c5066a5ee7be09a7322f36e7a18c05f90a97a9d8c07a53db32cae9ff3e2ba3aba3a10642d30980b5e026fbb7a519e1b1adcd9ec9625be6fa
-
SSDEEP
3072:VqePYNNGV8GnDq0e0b0XXH+qx6RlLjWbo2qVPtvTxzODFbZltJJLxU9AW:VFYNA8GnDq0Bb7qxUlLakPtvTtmtl29
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-