General
-
Target
JaffaCakes118_3958959cea06679f591c8920cbb00b9a
-
Size
177KB
-
Sample
250114-j3135sslfw
-
MD5
3958959cea06679f591c8920cbb00b9a
-
SHA1
b3fb1c0c1d03580a8bce4ab48b566bf182b16385
-
SHA256
101afb81cb6748091f919ecb695c4c2bf981ac9b37a7cad39de077ca4123b5cf
-
SHA512
22701ce63dd93b38c8043e53f20ebac34e617071535e3238748dc392ccd49cc8e64691b01be5cafb42df1bfe359259298f87d6c5fec1c60fae2581a090d6d994
-
SSDEEP
3072:st21N2N6buomS/bDoRIMmllcixB2X+ANGyyvpcXytVlSf8+CxZUO8C:sc1U4HjDoRIl7ci2+ANGFvZVlSfPCxv
Malware Config
Targets
-
-
Target
JaffaCakes118_3958959cea06679f591c8920cbb00b9a
-
Size
177KB
-
MD5
3958959cea06679f591c8920cbb00b9a
-
SHA1
b3fb1c0c1d03580a8bce4ab48b566bf182b16385
-
SHA256
101afb81cb6748091f919ecb695c4c2bf981ac9b37a7cad39de077ca4123b5cf
-
SHA512
22701ce63dd93b38c8043e53f20ebac34e617071535e3238748dc392ccd49cc8e64691b01be5cafb42df1bfe359259298f87d6c5fec1c60fae2581a090d6d994
-
SSDEEP
3072:st21N2N6buomS/bDoRIMmllcixB2X+ANGyyvpcXytVlSf8+CxZUO8C:sc1U4HjDoRIl7ci2+ANGFvZVlSfPCxv
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-