General
-
Target
JaffaCakes118_2e4ba5fe3ff3c09b5049855e8318659b
-
Size
190KB
-
Sample
250113-ytcrhswmhw
-
MD5
2e4ba5fe3ff3c09b5049855e8318659b
-
SHA1
6b411b314c2ee902d85ee5991ba2d37d5c1b9334
-
SHA256
4edb9b51034fc17d3d2ec81c55291fbd0d8b77ef65cb3ebda421d5240ea7ef92
-
SHA512
81273ba5b2a66bd0e8932ee5d80110a286e340eff9cb48ca0d6b44683282b4dcbf7995ae3501d468c14358d373d62e2779887c8fc73389561e5dbfbea5a1bf8e
-
SSDEEP
3072:ehp6MQRMEJMxrYZCX2lx775d5NSpu6s2Wcy4rYnXZpMGPa4eRskmKgKWlPIE:ehpmFMdPX2lx77efs2WcyHnXZfax+KA
Malware Config
Targets
-
-
Target
JaffaCakes118_2e4ba5fe3ff3c09b5049855e8318659b
-
Size
190KB
-
MD5
2e4ba5fe3ff3c09b5049855e8318659b
-
SHA1
6b411b314c2ee902d85ee5991ba2d37d5c1b9334
-
SHA256
4edb9b51034fc17d3d2ec81c55291fbd0d8b77ef65cb3ebda421d5240ea7ef92
-
SHA512
81273ba5b2a66bd0e8932ee5d80110a286e340eff9cb48ca0d6b44683282b4dcbf7995ae3501d468c14358d373d62e2779887c8fc73389561e5dbfbea5a1bf8e
-
SSDEEP
3072:ehp6MQRMEJMxrYZCX2lx775d5NSpu6s2Wcy4rYnXZpMGPa4eRskmKgKWlPIE:ehpmFMdPX2lx77efs2WcyHnXZfax+KA
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-