General
-
Target
JaffaCakes118_48c15e2fa6716f40bbe47d31106d7767
-
Size
172KB
-
Sample
250115-atpt3swpgk
-
MD5
48c15e2fa6716f40bbe47d31106d7767
-
SHA1
abd8edafa983c34dbf7961a96106fecbcd603dda
-
SHA256
ae81fee6aa8eb428f282471db50b348b22f0f399d5e9c97a6721f74ad6788b46
-
SHA512
7e35e63e71f06a5d2ba0e42f9b800e67fa12c9a7a1ed186d83a733b53b18420b9c410d9b218e76618a6ca50269274fc14d879aa6abf5cd92a44c44880614b73d
-
SSDEEP
3072:29OqKsgTwk7/5ePtqWIwIax1xEyhUGRjTc2A+WgoW+QxZiFpO2Q2D6:dbwU0cWIPaDxThUKTAcv+QxZi3G
Malware Config
Targets
-
-
Target
JaffaCakes118_48c15e2fa6716f40bbe47d31106d7767
-
Size
172KB
-
MD5
48c15e2fa6716f40bbe47d31106d7767
-
SHA1
abd8edafa983c34dbf7961a96106fecbcd603dda
-
SHA256
ae81fee6aa8eb428f282471db50b348b22f0f399d5e9c97a6721f74ad6788b46
-
SHA512
7e35e63e71f06a5d2ba0e42f9b800e67fa12c9a7a1ed186d83a733b53b18420b9c410d9b218e76618a6ca50269274fc14d879aa6abf5cd92a44c44880614b73d
-
SSDEEP
3072:29OqKsgTwk7/5ePtqWIwIax1xEyhUGRjTc2A+WgoW+QxZiFpO2Q2D6:dbwU0cWIPaDxThUKTAcv+QxZi3G
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-