General
-
Target
JaffaCakes118_7954234d238ec0d58f2bdab1900a08c2
-
Size
178KB
-
Sample
250104-m5ymkswpfv
-
MD5
7954234d238ec0d58f2bdab1900a08c2
-
SHA1
e84c32ca7d6e8d0e2495e77dd1223a5c33ff6583
-
SHA256
0a67c215dfb9deb1957afc5c48e7d3b92671a744ad957c84c1d1c6a1251118ee
-
SHA512
a21820f484e4a8f9c289f0e8563561b52480c1f24db5c2e101ab35fe19b546796043e08597643b68493b59d7249d5e3e1c10f201b7bc13994a7ad45dbe50d9c6
-
SSDEEP
3072:AxfwhcNwS+YJbuAf8PF8o1IqNaqsoQgZReFv9CMEwWIammbbltlhHQo/uTBz:9GbJbvto1OoQg6uMENXltlVQo/ut
Malware Config
Targets
-
-
Target
JaffaCakes118_7954234d238ec0d58f2bdab1900a08c2
-
Size
178KB
-
MD5
7954234d238ec0d58f2bdab1900a08c2
-
SHA1
e84c32ca7d6e8d0e2495e77dd1223a5c33ff6583
-
SHA256
0a67c215dfb9deb1957afc5c48e7d3b92671a744ad957c84c1d1c6a1251118ee
-
SHA512
a21820f484e4a8f9c289f0e8563561b52480c1f24db5c2e101ab35fe19b546796043e08597643b68493b59d7249d5e3e1c10f201b7bc13994a7ad45dbe50d9c6
-
SSDEEP
3072:AxfwhcNwS+YJbuAf8PF8o1IqNaqsoQgZReFv9CMEwWIammbbltlhHQo/uTBz:9GbJbvto1OoQg6uMENXltlVQo/ut
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-