General
-
Target
JaffaCakes118_76cf655b9fc28c1fead90e6b2c8b3dbe
-
Size
163KB
-
Sample
250104-bvs4kawmgr
-
MD5
76cf655b9fc28c1fead90e6b2c8b3dbe
-
SHA1
364216d15a6f324fc13492f42522ed0ccc82cc75
-
SHA256
25d0017301cd8252f6e6e499c0df1f9790df64fea1c64c8a2ce4ee652b093493
-
SHA512
2454babc1ce757c655347a851210f38332c9d99efe947795ca045c6bda8c740e2e4cce23ff7813488aa8e862ad09f018fed6e23744b8a6eae22f76033d1f6be4
-
SSDEEP
3072:qIPkh4BR3Bw560TgT4reY/gjCYCiwVPiR40IXjLP7Yp6j3nKAxfTATuc832i15LN:qth4H3BwA0G4rP4tCiwcTIXLXbiE3VLW
Malware Config
Targets
-
-
Target
JaffaCakes118_76cf655b9fc28c1fead90e6b2c8b3dbe
-
Size
163KB
-
MD5
76cf655b9fc28c1fead90e6b2c8b3dbe
-
SHA1
364216d15a6f324fc13492f42522ed0ccc82cc75
-
SHA256
25d0017301cd8252f6e6e499c0df1f9790df64fea1c64c8a2ce4ee652b093493
-
SHA512
2454babc1ce757c655347a851210f38332c9d99efe947795ca045c6bda8c740e2e4cce23ff7813488aa8e862ad09f018fed6e23744b8a6eae22f76033d1f6be4
-
SSDEEP
3072:qIPkh4BR3Bw560TgT4reY/gjCYCiwVPiR40IXjLP7Yp6j3nKAxfTATuc832i15LN:qth4H3BwA0G4rP4tCiwcTIXLXbiE3VLW
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-