General
-
Target
JaffaCakes118_0f8ff1d02f4d2ab438537afb36cf0bfd
-
Size
166KB
-
Sample
250112-qj6ylswmgq
-
MD5
0f8ff1d02f4d2ab438537afb36cf0bfd
-
SHA1
468fc26a61057e42e34fd9d7ca567d81b4fe7b07
-
SHA256
27dbd55f0a916a37c858ebcad87c4fd4b56d30768c6b8fad1b7bd52d3da9321d
-
SHA512
c9460d922a16272e8c902a2f9b240e811a12903265a9d907b5ee29fc5c7dd67d705ac22115de815626619f5a1511692f40a3a456ec4f9ebddd37893e6ff82c69
-
SSDEEP
3072:H45D2T8WZ9Et60okcy94lywywBs6zukCSQlx93WH9wQ/QRgpcNGSH2RCxzo:H48pEt60o1yMyT+sRhT93fQ/Y6cNGSWK
Malware Config
Targets
-
-
Target
JaffaCakes118_0f8ff1d02f4d2ab438537afb36cf0bfd
-
Size
166KB
-
MD5
0f8ff1d02f4d2ab438537afb36cf0bfd
-
SHA1
468fc26a61057e42e34fd9d7ca567d81b4fe7b07
-
SHA256
27dbd55f0a916a37c858ebcad87c4fd4b56d30768c6b8fad1b7bd52d3da9321d
-
SHA512
c9460d922a16272e8c902a2f9b240e811a12903265a9d907b5ee29fc5c7dd67d705ac22115de815626619f5a1511692f40a3a456ec4f9ebddd37893e6ff82c69
-
SSDEEP
3072:H45D2T8WZ9Et60okcy94lywywBs6zukCSQlx93WH9wQ/QRgpcNGSH2RCxzo:H48pEt60o1yMyT+sRhT93fQ/Y6cNGSWK
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-