General
-
Target
JaffaCakes118_3180fc9e95600ae2348d280ce0f432ea
-
Size
167KB
-
Sample
250113-3tenbs1kd1
-
MD5
3180fc9e95600ae2348d280ce0f432ea
-
SHA1
d2715b1ef61c45faf91f37a02dc003f495de41a0
-
SHA256
a5f4cedb35c92a09e104f8facd28239f47719c7085ac6394e74d7532b25f11c5
-
SHA512
31926d6039c369a5b873b9cc395cf89a67c8ab214cf141882688c3cbc5a1131bccecbb815aef37491daa3afccda962ca1579210afb9922a4e3c53cba81122b19
-
SSDEEP
3072:ljCoogYeZEcpONQ2Au9lbB0lrW5q7QiFDcE833a8YPxcUXXWExxJY63y:lj9/7ZlODVlbB0lBAha86NJjy
Malware Config
Targets
-
-
Target
JaffaCakes118_3180fc9e95600ae2348d280ce0f432ea
-
Size
167KB
-
MD5
3180fc9e95600ae2348d280ce0f432ea
-
SHA1
d2715b1ef61c45faf91f37a02dc003f495de41a0
-
SHA256
a5f4cedb35c92a09e104f8facd28239f47719c7085ac6394e74d7532b25f11c5
-
SHA512
31926d6039c369a5b873b9cc395cf89a67c8ab214cf141882688c3cbc5a1131bccecbb815aef37491daa3afccda962ca1579210afb9922a4e3c53cba81122b19
-
SSDEEP
3072:ljCoogYeZEcpONQ2Au9lbB0lrW5q7QiFDcE833a8YPxcUXXWExxJY63y:lj9/7ZlODVlbB0lBAha86NJjy
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-