General
-
Target
JaffaCakes118_6e706049da909ebae3e3ad358384a260
-
Size
173KB
-
Sample
250103-wk3kgawlay
-
MD5
6e706049da909ebae3e3ad358384a260
-
SHA1
6fa5aff04f089386ed0c24a45517d510ab223118
-
SHA256
fb08474a1383c9f17135322c869b3377e21170862105f1c137ffc7510263709a
-
SHA512
3de7d2eac1b2e6866eceb281f69b0de7e5c8293bbabcf323fcfdf872d88d126e7f6285c4f78c5b3fa80682438439b1ae59c7b93c7b733a5a34d181da24ded791
-
SSDEEP
3072:uPO4Wj4iN//v/J6W0oQEXQN3d68W0arM9wDoprGEP+63NGaMbtwT:uPO4Wj3N//wHoQEXQN3SZyz+w0aW
Malware Config
Targets
-
-
Target
JaffaCakes118_6e706049da909ebae3e3ad358384a260
-
Size
173KB
-
MD5
6e706049da909ebae3e3ad358384a260
-
SHA1
6fa5aff04f089386ed0c24a45517d510ab223118
-
SHA256
fb08474a1383c9f17135322c869b3377e21170862105f1c137ffc7510263709a
-
SHA512
3de7d2eac1b2e6866eceb281f69b0de7e5c8293bbabcf323fcfdf872d88d126e7f6285c4f78c5b3fa80682438439b1ae59c7b93c7b733a5a34d181da24ded791
-
SSDEEP
3072:uPO4Wj4iN//v/J6W0oQEXQN3d68W0arM9wDoprGEP+63NGaMbtwT:uPO4Wj3N//wHoQEXQN3SZyz+w0aW
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-