General
-
Target
JaffaCakes118_63b6e99946066ff0a4524bf40077a25d
-
Size
169KB
-
Sample
250102-j111csvpcl
-
MD5
63b6e99946066ff0a4524bf40077a25d
-
SHA1
72e13910d756720e952999803fef05d9a336cbb6
-
SHA256
19abfd29560432b083bdc06842c2f17304a50bd09f8e3e1bca7341aefd0492bb
-
SHA512
5fa231a1454016061caea55438fb0dc18444a6b518e2441eac7784da421c1c531724886cbacb29528adbbafd6e45a4bae1bd6bc1168b3fea9b987bb41c84570e
-
SSDEEP
3072:4EIFKOKD1rajcxrFZsvGg+wURIoCsmSIiDVI6AiTOpGKSIV3rTMwWVrK0nJXdf2k:2FTKD1O4RZsvFRfsnsiTOpGxg3XMwWVF
Malware Config
Targets
-
-
Target
JaffaCakes118_63b6e99946066ff0a4524bf40077a25d
-
Size
169KB
-
MD5
63b6e99946066ff0a4524bf40077a25d
-
SHA1
72e13910d756720e952999803fef05d9a336cbb6
-
SHA256
19abfd29560432b083bdc06842c2f17304a50bd09f8e3e1bca7341aefd0492bb
-
SHA512
5fa231a1454016061caea55438fb0dc18444a6b518e2441eac7784da421c1c531724886cbacb29528adbbafd6e45a4bae1bd6bc1168b3fea9b987bb41c84570e
-
SSDEEP
3072:4EIFKOKD1rajcxrFZsvGg+wURIoCsmSIiDVI6AiTOpGKSIV3rTMwWVrK0nJXdf2k:2FTKD1O4RZsvFRfsnsiTOpGxg3XMwWVF
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-