General
-
Target
JaffaCakes118_30688c8ff5e193bd3221c5a503c90f69
-
Size
176KB
-
Sample
250113-2e3aeayrhz
-
MD5
30688c8ff5e193bd3221c5a503c90f69
-
SHA1
58b4d92cbea6ff463586fabadc4bb30d000cf8ca
-
SHA256
7516089d60a30a77a2949b81437652295cf854dd254706b3b7015deba00b811c
-
SHA512
3fdf1dadb673c128ea8ea57f8f617317774dc269261fe2c60ffc69408a5d3a1acf84debd01208b5ce5e396c9a73767b716303e4a07d4554a041c7dc5a2c21658
-
SSDEEP
3072:De7I1T0TeBNyamA+4X0sVPMZHG6TohKpPTSbufQjNM3NtE06woM0yxOoEgEZw:DeoT0TeBNynA+49EdFpTSbuwoE0R0cOy
Malware Config
Targets
-
-
Target
JaffaCakes118_30688c8ff5e193bd3221c5a503c90f69
-
Size
176KB
-
MD5
30688c8ff5e193bd3221c5a503c90f69
-
SHA1
58b4d92cbea6ff463586fabadc4bb30d000cf8ca
-
SHA256
7516089d60a30a77a2949b81437652295cf854dd254706b3b7015deba00b811c
-
SHA512
3fdf1dadb673c128ea8ea57f8f617317774dc269261fe2c60ffc69408a5d3a1acf84debd01208b5ce5e396c9a73767b716303e4a07d4554a041c7dc5a2c21658
-
SSDEEP
3072:De7I1T0TeBNyamA+4X0sVPMZHG6TohKpPTSbufQjNM3NtE06woM0yxOoEgEZw:DeoT0TeBNynA+49EdFpTSbuwoE0R0cOy
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-