General
-
Target
JaffaCakes118_77817ce954183a9b49965b28e8161fa1
-
Size
167KB
-
Sample
250104-elyjgazqg1
-
MD5
77817ce954183a9b49965b28e8161fa1
-
SHA1
181b5addf0b7744aeefa189c095c4d575c5a7534
-
SHA256
efa5abd15732b45333258fe0e804c31d2ef46b8acb50aac02cc9f9d368e6c9dd
-
SHA512
729ffc324baa5b1b53ea6e627c542d7c802e2fa0d0424cba858d4a0b1263f083add8ef923203fd9a54fcdbb0d4c1760550ac5a4c1fbc18644d03b08513036452
-
SSDEEP
3072:5tAmsPkZOvVNpb2jlfSb2Kqu8pCR45sgVqVhQC+gaxJOtga7cZHZtBUEq3Xntz:5kPkZOtbClO3pXR45sgVKQC+gEg4yE4X
Malware Config
Targets
-
-
Target
JaffaCakes118_77817ce954183a9b49965b28e8161fa1
-
Size
167KB
-
MD5
77817ce954183a9b49965b28e8161fa1
-
SHA1
181b5addf0b7744aeefa189c095c4d575c5a7534
-
SHA256
efa5abd15732b45333258fe0e804c31d2ef46b8acb50aac02cc9f9d368e6c9dd
-
SHA512
729ffc324baa5b1b53ea6e627c542d7c802e2fa0d0424cba858d4a0b1263f083add8ef923203fd9a54fcdbb0d4c1760550ac5a4c1fbc18644d03b08513036452
-
SSDEEP
3072:5tAmsPkZOvVNpb2jlfSb2Kqu8pCR45sgVqVhQC+gaxJOtga7cZHZtBUEq3Xntz:5kPkZOtbClO3pXR45sgVKQC+gEg4yE4X
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-