General
-
Target
JaffaCakes118_2732671ad78dbcf1138750598a0e2f78
-
Size
170KB
-
Sample
250113-lvwvkaznhk
-
MD5
2732671ad78dbcf1138750598a0e2f78
-
SHA1
5cef2cc8f6f6f68614020b7e5513110047c0550c
-
SHA256
aa1663813c5c76b58c2d04afb9beff9ad69a2fcbdd45fdda9a8cc0245b9bb462
-
SHA512
5229fe79f8c1ae749a345329a5334542a36962106885c2c2925088113102040f2f7b3e403f49dfc340b8391b506dd4f38306dc5ac1f705070e7fefde3846a68f
-
SSDEEP
3072:DVwtr5YlFM/uEloPpM8tHfGu8EpTxPpSs8nWtESsEldgv3OPf5r2wyTq:DcVY/M/5ley81FDxPI50cEzn5r3I
Malware Config
Targets
-
-
Target
JaffaCakes118_2732671ad78dbcf1138750598a0e2f78
-
Size
170KB
-
MD5
2732671ad78dbcf1138750598a0e2f78
-
SHA1
5cef2cc8f6f6f68614020b7e5513110047c0550c
-
SHA256
aa1663813c5c76b58c2d04afb9beff9ad69a2fcbdd45fdda9a8cc0245b9bb462
-
SHA512
5229fe79f8c1ae749a345329a5334542a36962106885c2c2925088113102040f2f7b3e403f49dfc340b8391b506dd4f38306dc5ac1f705070e7fefde3846a68f
-
SSDEEP
3072:DVwtr5YlFM/uEloPpM8tHfGu8EpTxPpSs8nWtESsEldgv3OPf5r2wyTq:DcVY/M/5ley81FDxPI50cEzn5r3I
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-