General
-
Target
JaffaCakes118_1ca91f0e0fc16e2eedee7f9076578c81
-
Size
181KB
-
Sample
250113-a932msxpby
-
MD5
1ca91f0e0fc16e2eedee7f9076578c81
-
SHA1
215c6823ce9ca0ff4a652e2e94ee18e96ff76a99
-
SHA256
6f84907ff69c67a295786991d199157942d35edd3c7351eb1ada13d26734b953
-
SHA512
d87e792be2c40b76c0d78174868f6ca5557e7d6bb154f3baa26239964fc2359dc512320a5d94745c042257a0c346c3f5f6909bd1ddff9084b53f44f6f21ffda2
-
SSDEEP
3072:ypTafsJaImvR5yAiFy7z/axIRi5kaj+v+kmKVTbI8h68lfLxXMGsjsMP5HZ4GHU8:gTafSsb/BRi5jRkmKVPZh68ljxXMNsvi
Malware Config
Targets
-
-
Target
JaffaCakes118_1ca91f0e0fc16e2eedee7f9076578c81
-
Size
181KB
-
MD5
1ca91f0e0fc16e2eedee7f9076578c81
-
SHA1
215c6823ce9ca0ff4a652e2e94ee18e96ff76a99
-
SHA256
6f84907ff69c67a295786991d199157942d35edd3c7351eb1ada13d26734b953
-
SHA512
d87e792be2c40b76c0d78174868f6ca5557e7d6bb154f3baa26239964fc2359dc512320a5d94745c042257a0c346c3f5f6909bd1ddff9084b53f44f6f21ffda2
-
SSDEEP
3072:ypTafsJaImvR5yAiFy7z/axIRi5kaj+v+kmKVTbI8h68lfLxXMGsjsMP5HZ4GHU8:gTafSsb/BRi5jRkmKVPZh68ljxXMNsvi
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-