General
-
Target
JaffaCakes118_1f589d8ebed6941364c045855980148f
-
Size
169KB
-
Sample
250113-drbffssrew
-
MD5
1f589d8ebed6941364c045855980148f
-
SHA1
5be03970a7e53a094c21d9f210a8bd277c20c377
-
SHA256
1795680039b7f5ea2136fdf7737224a050793f2b880293cc677d9c6364ce54b5
-
SHA512
be6f01ba8090c6da94e4009199de31a7b800f3ebe7e72e4aa6efc14c798532c2aa7ee60888b7c2e390f86def9059d02053f1b3ccb6c7e808c7d0cad0bb7c95d6
-
SSDEEP
3072:auJwwuZ7D7SX9rYJebD58bL4FD5Bdt03vsVpJfwVddWpWVgTuK5L:a4uFU9rCebD58b0tBVHfGjOugTuw
Malware Config
Targets
-
-
Target
JaffaCakes118_1f589d8ebed6941364c045855980148f
-
Size
169KB
-
MD5
1f589d8ebed6941364c045855980148f
-
SHA1
5be03970a7e53a094c21d9f210a8bd277c20c377
-
SHA256
1795680039b7f5ea2136fdf7737224a050793f2b880293cc677d9c6364ce54b5
-
SHA512
be6f01ba8090c6da94e4009199de31a7b800f3ebe7e72e4aa6efc14c798532c2aa7ee60888b7c2e390f86def9059d02053f1b3ccb6c7e808c7d0cad0bb7c95d6
-
SSDEEP
3072:auJwwuZ7D7SX9rYJebD58bL4FD5Bdt03vsVpJfwVddWpWVgTuK5L:a4uFU9rCebD58b0tBVHfGjOugTuw
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-