General
-
Target
JaffaCakes118_0548478fc4d1343ef0b9041c01750f77
-
Size
166KB
-
Sample
250112-dxz11awnfn
-
MD5
0548478fc4d1343ef0b9041c01750f77
-
SHA1
08bd7502a46567d3cc213f2569cd5b6e79ea9c94
-
SHA256
205ee3397aaacd58eedf3494f2c3f71007a27888de0d4bd1f718a65d067a980d
-
SHA512
a227694c956173a78a878ab9c3c619a3ce5ceb146cf7dc6f672def16beede630670c00b756cf03c9dc9e791a14ce845fc6d1293b00b74fe2be8a4c6cd1160393
-
SSDEEP
3072:nYLcSldf4pukdE3ats+J8vMtDS4AmN0mWotFowQjaxmiKqd1NDfCJyc:nYgS34HdE/+J8vQDWotFvQjaIiKqdrDG
Malware Config
Targets
-
-
Target
JaffaCakes118_0548478fc4d1343ef0b9041c01750f77
-
Size
166KB
-
MD5
0548478fc4d1343ef0b9041c01750f77
-
SHA1
08bd7502a46567d3cc213f2569cd5b6e79ea9c94
-
SHA256
205ee3397aaacd58eedf3494f2c3f71007a27888de0d4bd1f718a65d067a980d
-
SHA512
a227694c956173a78a878ab9c3c619a3ce5ceb146cf7dc6f672def16beede630670c00b756cf03c9dc9e791a14ce845fc6d1293b00b74fe2be8a4c6cd1160393
-
SSDEEP
3072:nYLcSldf4pukdE3ats+J8vMtDS4AmN0mWotFowQjaxmiKqd1NDfCJyc:nYgS34HdE/+J8vQDWotFvQjaIiKqdrDG
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-