General
-
Target
JaffaCakes118_33cea2d34c90582aa2d17a507d1763b6
-
Size
190KB
-
Sample
250114-cxwsxatpgz
-
MD5
33cea2d34c90582aa2d17a507d1763b6
-
SHA1
11dc05f177e7b6c25d55732046d0a12a00f2049f
-
SHA256
2e278d2c58f5b936e7f1e374ad337a061720db6a2d588c0b4fca39da30a9780e
-
SHA512
154df078026139281a73750021ba925855c18f1b342e67c93d98ffb16b5b3d810ddeda216ea92b51815875e55c125e4ef695799691e5a3bfa69003a82cebd9a0
-
SSDEEP
3072:n2ZobCi7R0ibuFxJa5UxOFrj6oWX1ybmX4aeMAjcBVy4MCzEe9fknDzX23BiArTG:2Z4110SAJa5UxmrGoWBXV2jul+/X23Bh
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_33cea2d34c90582aa2d17a507d1763b6.exe
Resource
win7-20241010-en
Malware Config
Targets
-
-
Target
JaffaCakes118_33cea2d34c90582aa2d17a507d1763b6
-
Size
190KB
-
MD5
33cea2d34c90582aa2d17a507d1763b6
-
SHA1
11dc05f177e7b6c25d55732046d0a12a00f2049f
-
SHA256
2e278d2c58f5b936e7f1e374ad337a061720db6a2d588c0b4fca39da30a9780e
-
SHA512
154df078026139281a73750021ba925855c18f1b342e67c93d98ffb16b5b3d810ddeda216ea92b51815875e55c125e4ef695799691e5a3bfa69003a82cebd9a0
-
SSDEEP
3072:n2ZobCi7R0ibuFxJa5UxOFrj6oWX1ybmX4aeMAjcBVy4MCzEe9fknDzX23BiArTG:2Z4110SAJa5UxmrGoWBXV2jul+/X23Bh
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-