General
-
Target
JaffaCakes118_1a9b7f68c4b4232ac15708b289ae8135
-
Size
178KB
-
Sample
250112-26rmzstpbx
-
MD5
1a9b7f68c4b4232ac15708b289ae8135
-
SHA1
9a8f1da1a4d4a69153cf1a4120802b66e038dd2c
-
SHA256
4e1f2b6a504b421ec6cb4c98a105248643dff527aee26b39e3cb8279eb8a6df3
-
SHA512
9eb990715f049a8bd759e63e99dfec2eadf735ca6a344608cf06017444b44f75859ae68b1152405822507c7118db646bf052f8b235202ec2af6aacc5867a7e74
-
SSDEEP
3072:HF8h3rEGnHZfg15j6o7ouFD5txqo5rjuv+Q3ZWTZHv7nhR1cJCd8ahjau9M17mjw:HF8rVH1C52o7lFAo5OGQ0TZusd82/9M7
Malware Config
Targets
-
-
Target
JaffaCakes118_1a9b7f68c4b4232ac15708b289ae8135
-
Size
178KB
-
MD5
1a9b7f68c4b4232ac15708b289ae8135
-
SHA1
9a8f1da1a4d4a69153cf1a4120802b66e038dd2c
-
SHA256
4e1f2b6a504b421ec6cb4c98a105248643dff527aee26b39e3cb8279eb8a6df3
-
SHA512
9eb990715f049a8bd759e63e99dfec2eadf735ca6a344608cf06017444b44f75859ae68b1152405822507c7118db646bf052f8b235202ec2af6aacc5867a7e74
-
SSDEEP
3072:HF8h3rEGnHZfg15j6o7ouFD5txqo5rjuv+Q3ZWTZHv7nhR1cJCd8ahjau9M17mjw:HF8rVH1C52o7lFAo5OGQ0TZusd82/9M7
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-