General
-
Target
JaffaCakes118_3fa4d06340a531e57f764f5620827ccc
-
Size
169KB
-
Sample
250114-sve1da1qdv
-
MD5
3fa4d06340a531e57f764f5620827ccc
-
SHA1
6fdaf9fdc00c9252387c1638307ca1c1a6f8fd89
-
SHA256
7eaa88f4310f8d7ef82fa898ad959951807b9a9d173f3f5bdbea720b87780e1e
-
SHA512
1e358f11146c3ced136d4beb9b4c134d13b8c75801e791e36bdcc1a7e9d6931060bcde4e71a7c3498f2ce14d28d489b54388a83628b71976aa15e0fe2299a535
-
SSDEEP
3072:f/9h/w5RrC4LLxMSYjldWD0+n6IyjdAJD5L+cgFCNfmNFFbdsbff3sRo5c:n9Rw5R24LLySYjjjaem5ikGvRSs3
Malware Config
Targets
-
-
Target
JaffaCakes118_3fa4d06340a531e57f764f5620827ccc
-
Size
169KB
-
MD5
3fa4d06340a531e57f764f5620827ccc
-
SHA1
6fdaf9fdc00c9252387c1638307ca1c1a6f8fd89
-
SHA256
7eaa88f4310f8d7ef82fa898ad959951807b9a9d173f3f5bdbea720b87780e1e
-
SHA512
1e358f11146c3ced136d4beb9b4c134d13b8c75801e791e36bdcc1a7e9d6931060bcde4e71a7c3498f2ce14d28d489b54388a83628b71976aa15e0fe2299a535
-
SSDEEP
3072:f/9h/w5RrC4LLxMSYjldWD0+n6IyjdAJD5L+cgFCNfmNFFbdsbff3sRo5c:n9Rw5R24LLySYjjjaem5ikGvRSs3
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-