General
-
Target
JaffaCakes118_6b114e983562a572b9c5cf5d1e8faaaa
-
Size
177KB
-
Sample
250103-h9vn9sxkam
-
MD5
6b114e983562a572b9c5cf5d1e8faaaa
-
SHA1
f9544355eb30380263902b13c16bc4f2fb8d1302
-
SHA256
8f21d1e948b0b999cc58706dfb5ceb8553ae0368737eecf96d5bc38565bb1bc5
-
SHA512
2fef35dfdf91d54ffa7eb921ab875dfa1b0a044d77967cc780dcef9d18ec4ed09d5a2f4fd143ea0d6ad223355027b2326c73d7f1d7b86ed2ed49eb5a8a665e36
-
SSDEEP
3072:7J2sg/xi84Z9rVpXWFZk5aDsmWOZHL2CagC1PDxgjjNWLKSDhDjtGsw:7I/74Z9RpXWFu5wnZNIPtgjjNW2SDRG
Malware Config
Targets
-
-
Target
JaffaCakes118_6b114e983562a572b9c5cf5d1e8faaaa
-
Size
177KB
-
MD5
6b114e983562a572b9c5cf5d1e8faaaa
-
SHA1
f9544355eb30380263902b13c16bc4f2fb8d1302
-
SHA256
8f21d1e948b0b999cc58706dfb5ceb8553ae0368737eecf96d5bc38565bb1bc5
-
SHA512
2fef35dfdf91d54ffa7eb921ab875dfa1b0a044d77967cc780dcef9d18ec4ed09d5a2f4fd143ea0d6ad223355027b2326c73d7f1d7b86ed2ed49eb5a8a665e36
-
SSDEEP
3072:7J2sg/xi84Z9rVpXWFZk5aDsmWOZHL2CagC1PDxgjjNWLKSDhDjtGsw:7I/74Z9RpXWFu5wnZNIPtgjjNW2SDRG
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-