General
-
Target
JaffaCakes118_41f7f2200cf39489f99f82ef1ab727d7
-
Size
166KB
-
Sample
250114-wg178sxjbn
-
MD5
41f7f2200cf39489f99f82ef1ab727d7
-
SHA1
c6af8c603910a3c6edd5600ff0d849c6d169cd23
-
SHA256
2c18b47588f93746be9eb64908defaef48fc3bee1cd06cf9b05c0887cc3d62c6
-
SHA512
68ae4c8c92800bfc8cd7eaf1801d9ea408f3932cdee4d909ddaeef2cdbfa7c9436e13d6b077a21eccaddb08fe453476f19fce79e11c6996e9434a1c1960e5ac7
-
SSDEEP
3072:Tqx0uMqX1Lkhk7CcjCcwikH2Z3YCx8gl7KFSAo1KUDRXiweGtGK7QmT:TqxgqX1LkhktfhkWAgpESAoKeRXiOR7T
Malware Config
Targets
-
-
Target
JaffaCakes118_41f7f2200cf39489f99f82ef1ab727d7
-
Size
166KB
-
MD5
41f7f2200cf39489f99f82ef1ab727d7
-
SHA1
c6af8c603910a3c6edd5600ff0d849c6d169cd23
-
SHA256
2c18b47588f93746be9eb64908defaef48fc3bee1cd06cf9b05c0887cc3d62c6
-
SHA512
68ae4c8c92800bfc8cd7eaf1801d9ea408f3932cdee4d909ddaeef2cdbfa7c9436e13d6b077a21eccaddb08fe453476f19fce79e11c6996e9434a1c1960e5ac7
-
SSDEEP
3072:Tqx0uMqX1Lkhk7CcjCcwikH2Z3YCx8gl7KFSAo1KUDRXiweGtGK7QmT:TqxgqX1LkhktfhkWAgpESAoKeRXiOR7T
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-