General
-
Target
JaffaCakes118_429913e1cb8b1ead462b24d06d4f2456
-
Size
171KB
-
Sample
250114-w3tqaavqes
-
MD5
429913e1cb8b1ead462b24d06d4f2456
-
SHA1
03b99b0338ba69014a6ec6c2fb48fd9ec5140a4b
-
SHA256
1fa001abcfaca3c32c016bb183dddc3d26a6f344aa452986d540ea4d199101df
-
SHA512
568b16e9fb8aba967cd0b74180b15b0cef9cf212d0afc03cd8e8f5d11b4460a5b181647e33bd5d576d337fbdd8034925539b4987fce8db5b14a0be1da4b128ee
-
SSDEEP
3072:pgRhPXq8b/aW2S7AxN9jt2qidhoFgug7S57a5XeOl8Zjx6lyf1chWj23U:pf8b/aFS7e9jtydhoFgug755XFuZV6ll
Malware Config
Targets
-
-
Target
JaffaCakes118_429913e1cb8b1ead462b24d06d4f2456
-
Size
171KB
-
MD5
429913e1cb8b1ead462b24d06d4f2456
-
SHA1
03b99b0338ba69014a6ec6c2fb48fd9ec5140a4b
-
SHA256
1fa001abcfaca3c32c016bb183dddc3d26a6f344aa452986d540ea4d199101df
-
SHA512
568b16e9fb8aba967cd0b74180b15b0cef9cf212d0afc03cd8e8f5d11b4460a5b181647e33bd5d576d337fbdd8034925539b4987fce8db5b14a0be1da4b128ee
-
SSDEEP
3072:pgRhPXq8b/aW2S7AxN9jt2qidhoFgug7S57a5XeOl8Zjx6lyf1chWj23U:pf8b/aFS7e9jtydhoFgug755XFuZV6ll
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-