General
-
Target
JaffaCakes118_28a4ff439567acdcb7edf44dfce76b64
-
Size
167KB
-
Sample
250113-nky82szpgv
-
MD5
28a4ff439567acdcb7edf44dfce76b64
-
SHA1
69efb46b74cee2a413e430040b04381d5dc08596
-
SHA256
69d353e51b6670af251cd9ae4f63a1562ea1d15c93d87cfb68ec2dc74465ceff
-
SHA512
1f9dad360f79f47bd638e90f9577e225de081e8dba8479e939636e41cb159c5e630b33057c554c2c0be5edefafcc3d82d4e38c70f7fc5c2c49a3a4a572077cab
-
SSDEEP
3072:3LMfUkXbpteqoAM8I72E3Pbl5a161RbzbzLvcxXnrOvoz1BALtABzAW6Bl/OZ:7WX1tLIS+Du6zbvchrOvaoiMtBlW
Malware Config
Targets
-
-
Target
JaffaCakes118_28a4ff439567acdcb7edf44dfce76b64
-
Size
167KB
-
MD5
28a4ff439567acdcb7edf44dfce76b64
-
SHA1
69efb46b74cee2a413e430040b04381d5dc08596
-
SHA256
69d353e51b6670af251cd9ae4f63a1562ea1d15c93d87cfb68ec2dc74465ceff
-
SHA512
1f9dad360f79f47bd638e90f9577e225de081e8dba8479e939636e41cb159c5e630b33057c554c2c0be5edefafcc3d82d4e38c70f7fc5c2c49a3a4a572077cab
-
SSDEEP
3072:3LMfUkXbpteqoAM8I72E3Pbl5a161RbzbzLvcxXnrOvoz1BALtABzAW6Bl/OZ:7WX1tLIS+Du6zbvchrOvaoiMtBlW
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-