General
-
Target
JaffaCakes118_6d067b3dca524db72ee007e2ba6de8ee
-
Size
177KB
-
Sample
250103-qycnbawqdx
-
MD5
6d067b3dca524db72ee007e2ba6de8ee
-
SHA1
60ddfe6a62b38490780543975f27d8dbf34347bb
-
SHA256
c86754080341471175b6205e1162f35f1ca02acaf9f487ccc50b3db7f682d22d
-
SHA512
e74c5a6549c088a8e1746a7e77fe30eaac0ae0b5ae10da5158d7bff1911561cbdf6281c119b64f3d4dd076a317a727fde674f7057cf85732b3f8f9ca37216b17
-
SSDEEP
3072:qefcNcgE1c8zKX1xRJCPz+Y2yfoP+z9/kpzFOtGSeaA14W6cqavKkn2Vrq:KGr6rlP8PztwPnctGS814PBayv
Malware Config
Targets
-
-
Target
JaffaCakes118_6d067b3dca524db72ee007e2ba6de8ee
-
Size
177KB
-
MD5
6d067b3dca524db72ee007e2ba6de8ee
-
SHA1
60ddfe6a62b38490780543975f27d8dbf34347bb
-
SHA256
c86754080341471175b6205e1162f35f1ca02acaf9f487ccc50b3db7f682d22d
-
SHA512
e74c5a6549c088a8e1746a7e77fe30eaac0ae0b5ae10da5158d7bff1911561cbdf6281c119b64f3d4dd076a317a727fde674f7057cf85732b3f8f9ca37216b17
-
SSDEEP
3072:qefcNcgE1c8zKX1xRJCPz+Y2yfoP+z9/kpzFOtGSeaA14W6cqavKkn2Vrq:KGr6rlP8PztwPnctGS814PBayv
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-