General
-
Target
JaffaCakes118_494ff3a7ff00cade6e861ec93ad2a299
-
Size
192KB
-
Sample
250115-bevbpaxmbk
-
MD5
494ff3a7ff00cade6e861ec93ad2a299
-
SHA1
7e1cc006af5e1d1606b2625f6e3788cb8cd1f183
-
SHA256
a793e45bc5702bcd117fe4efed6095d38933acfde9b91c9e10c3e2d11cd1ff08
-
SHA512
74d793b358934afad45a94cc39afac9539e077b8d1754f6d202fe4f78ed25b291b344613ed0259c25aca7bcdcebdb95a00ad8ccda4a0151c1fc38852b98ce82f
-
SSDEEP
3072:nmiMyXlfGaXTmpu8E9XsoLPCrCo0RIyE0qzvv8jsRkZNeVOq4NkgTOliJzsTn7bz:nmwVxX6o8EBKCNOLvWZyMNkow4A/2
Malware Config
Targets
-
-
Target
JaffaCakes118_494ff3a7ff00cade6e861ec93ad2a299
-
Size
192KB
-
MD5
494ff3a7ff00cade6e861ec93ad2a299
-
SHA1
7e1cc006af5e1d1606b2625f6e3788cb8cd1f183
-
SHA256
a793e45bc5702bcd117fe4efed6095d38933acfde9b91c9e10c3e2d11cd1ff08
-
SHA512
74d793b358934afad45a94cc39afac9539e077b8d1754f6d202fe4f78ed25b291b344613ed0259c25aca7bcdcebdb95a00ad8ccda4a0151c1fc38852b98ce82f
-
SSDEEP
3072:nmiMyXlfGaXTmpu8E9XsoLPCrCo0RIyE0qzvv8jsRkZNeVOq4NkgTOliJzsTn7bz:nmwVxX6o8EBKCNOLvWZyMNkow4A/2
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-