General
-
Target
JaffaCakes118_77bc66c8866219b0866640c4e6f90aaf
-
Size
167KB
-
Sample
250104-fhlaeasqdv
-
MD5
77bc66c8866219b0866640c4e6f90aaf
-
SHA1
d1d894d3f849f82daec0626b8ff4658b09ef557f
-
SHA256
322d841455b742ccf34a513e9026a9388d6b9a6253e8c93f20a74401e6143b87
-
SHA512
a98a6cf3ebdf93466cc9cb84de6242ca51ce5403a2a74d737500edb81eeb5ec67d712f297f2be048855bcdf3a9ea4a7d0419602102ffd8c3d4f1da37003e9226
-
SSDEEP
3072:3//Sxak3diPM3JwOy8fCoG3o9ZCZBhWBJPqv2cJdTs6G0Bm7mK6WyWNH:3/a2k3KK6v6wUJqecvY9yKxZH
Malware Config
Targets
-
-
Target
JaffaCakes118_77bc66c8866219b0866640c4e6f90aaf
-
Size
167KB
-
MD5
77bc66c8866219b0866640c4e6f90aaf
-
SHA1
d1d894d3f849f82daec0626b8ff4658b09ef557f
-
SHA256
322d841455b742ccf34a513e9026a9388d6b9a6253e8c93f20a74401e6143b87
-
SHA512
a98a6cf3ebdf93466cc9cb84de6242ca51ce5403a2a74d737500edb81eeb5ec67d712f297f2be048855bcdf3a9ea4a7d0419602102ffd8c3d4f1da37003e9226
-
SSDEEP
3072:3//Sxak3diPM3JwOy8fCoG3o9ZCZBhWBJPqv2cJdTs6G0Bm7mK6WyWNH:3/a2k3KK6v6wUJqecvY9yKxZH
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-