General
-
Target
JaffaCakes118_1fb59a8994c441c08bf9dbef99325a0d
-
Size
180KB
-
Sample
250113-d3lesstmft
-
MD5
1fb59a8994c441c08bf9dbef99325a0d
-
SHA1
84cefe0e5b1ed635abcc3b49572b4fd7b7a28b2b
-
SHA256
7d5426a37bf70bd110f7652288577133592cd5cd1e26fabf83aa321df6521c64
-
SHA512
b7dfec7f14a4f1790c4d4b5a90c461b18fcc9f06c9836a329f65659d012586f1921936ab97273aca9e62c6c2eb019f2098f71e9a4247a547cb9920c7303d1658
-
SSDEEP
3072:R4DlgwOy4hsf3hyjNbhGKJ6TOAqOjhM18uI2WupaXgAFFVfvu+bAZFAzpYlgFDal:ylgry4avCP6u1vI2TmvVfvSZFAtYiDo
Malware Config
Targets
-
-
Target
JaffaCakes118_1fb59a8994c441c08bf9dbef99325a0d
-
Size
180KB
-
MD5
1fb59a8994c441c08bf9dbef99325a0d
-
SHA1
84cefe0e5b1ed635abcc3b49572b4fd7b7a28b2b
-
SHA256
7d5426a37bf70bd110f7652288577133592cd5cd1e26fabf83aa321df6521c64
-
SHA512
b7dfec7f14a4f1790c4d4b5a90c461b18fcc9f06c9836a329f65659d012586f1921936ab97273aca9e62c6c2eb019f2098f71e9a4247a547cb9920c7303d1658
-
SSDEEP
3072:R4DlgwOy4hsf3hyjNbhGKJ6TOAqOjhM18uI2WupaXgAFFVfvu+bAZFAzpYlgFDal:ylgry4avCP6u1vI2TmvVfvSZFAtYiDo
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-