General
-
Target
JaffaCakes118_4871ce3f9bd807b9e71afb7a1cbd067f
-
Size
155KB
-
Sample
250115-ahdmnswmbr
-
MD5
4871ce3f9bd807b9e71afb7a1cbd067f
-
SHA1
ff42237f0c07c4d8e15beeb8f10b60082bcb68f1
-
SHA256
76f691e1e1ea35faa8f3b4db03695dbf493453cf66e92e15cd58489d246ceeaa
-
SHA512
03255e7104b42ca5433bc54f4a7f472985fc105b10d61f7d807a4c9bb8095e38a4d5cd4763c35f56cf0faa326fa92f843ef7637ca12d62fa11bd2b84d9b62496
-
SSDEEP
3072:vw/9LWqGjWmpYCMg9kQyaW6ywE8LU/1Bd8A9GRikTlqZkWMwrw7DuC:vwpWqPmuCMg9kdIU/1oA98JWMw+
Malware Config
Targets
-
-
Target
JaffaCakes118_4871ce3f9bd807b9e71afb7a1cbd067f
-
Size
155KB
-
MD5
4871ce3f9bd807b9e71afb7a1cbd067f
-
SHA1
ff42237f0c07c4d8e15beeb8f10b60082bcb68f1
-
SHA256
76f691e1e1ea35faa8f3b4db03695dbf493453cf66e92e15cd58489d246ceeaa
-
SHA512
03255e7104b42ca5433bc54f4a7f472985fc105b10d61f7d807a4c9bb8095e38a4d5cd4763c35f56cf0faa326fa92f843ef7637ca12d62fa11bd2b84d9b62496
-
SSDEEP
3072:vw/9LWqGjWmpYCMg9kQyaW6ywE8LU/1Bd8A9GRikTlqZkWMwrw7DuC:vwpWqPmuCMg9kdIU/1oA98JWMw+
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-