General
-
Target
JaffaCakes118_0c30b7facfade74e515608fdceb2926d
-
Size
184KB
-
Sample
250112-mch2esyjgy
-
MD5
0c30b7facfade74e515608fdceb2926d
-
SHA1
2a9ab72f77d63884598cbf5fed63288495752c0e
-
SHA256
4d3dc05ef0cb8509dbbea9dc47d93306d89046faa7eb4ba93b9c762462136f00
-
SHA512
f6cdde662069bf9bfef1d5d6755d30ee7db343df9c6eeac6728dc8db1693bb864dfbdbbb039a305a43ee6be6715833d88f1cd7b931dab80a8f30ff0dd0b6d684
-
SSDEEP
3072:VEy251OtJb46DY8RGx8XOWhXO0uLTCTbJmEjFCViGQDmxYzuS9HineAwaI+:VEy2I46Dbk89hXPXzFka7inV1
Malware Config
Targets
-
-
Target
JaffaCakes118_0c30b7facfade74e515608fdceb2926d
-
Size
184KB
-
MD5
0c30b7facfade74e515608fdceb2926d
-
SHA1
2a9ab72f77d63884598cbf5fed63288495752c0e
-
SHA256
4d3dc05ef0cb8509dbbea9dc47d93306d89046faa7eb4ba93b9c762462136f00
-
SHA512
f6cdde662069bf9bfef1d5d6755d30ee7db343df9c6eeac6728dc8db1693bb864dfbdbbb039a305a43ee6be6715833d88f1cd7b931dab80a8f30ff0dd0b6d684
-
SSDEEP
3072:VEy251OtJb46DY8RGx8XOWhXO0uLTCTbJmEjFCViGQDmxYzuS9HineAwaI+:VEy2I46Dbk89hXPXzFka7inV1
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-