General
-
Target
JaffaCakes118_4add091628f0045631a1a046555d4a8a
-
Size
177KB
-
Sample
250115-c1ensszlgm
-
MD5
4add091628f0045631a1a046555d4a8a
-
SHA1
e4ad509cd50862dd6a316243c6ae8f4e0e5a9350
-
SHA256
26560081bc19cc9bb7cfa32037e3d2acd563bb2ac72448a12cd25d3697a7f3e2
-
SHA512
63e64b81d7edff03bb28aac8edd4df531b4ed435a17649bd1b953cb8f95b2582b26b3d04ce7738a7c2537916661ee0b703da36aa16b0766cbd47b3655f96ee83
-
SSDEEP
3072:bih3DrKbK1vHa1wHx7N9i/sHu74/zhddIuz+giPEdNuLhoVDlbm+p77:bihfKbES1wNNre47jd/gEvChoVDpX
Malware Config
Targets
-
-
Target
JaffaCakes118_4add091628f0045631a1a046555d4a8a
-
Size
177KB
-
MD5
4add091628f0045631a1a046555d4a8a
-
SHA1
e4ad509cd50862dd6a316243c6ae8f4e0e5a9350
-
SHA256
26560081bc19cc9bb7cfa32037e3d2acd563bb2ac72448a12cd25d3697a7f3e2
-
SHA512
63e64b81d7edff03bb28aac8edd4df531b4ed435a17649bd1b953cb8f95b2582b26b3d04ce7738a7c2537916661ee0b703da36aa16b0766cbd47b3655f96ee83
-
SSDEEP
3072:bih3DrKbK1vHa1wHx7N9i/sHu74/zhddIuz+giPEdNuLhoVDlbm+p77:bihfKbES1wNNre47jd/gEvChoVDpX
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-