General
-
Target
JaffaCakes118_5580849d3baddef79ca41fa7c37a1b13
-
Size
190KB
-
Sample
250115-nfx57a1nay
-
MD5
5580849d3baddef79ca41fa7c37a1b13
-
SHA1
045b7a38141b534d8181d5dd1b936403d462f74a
-
SHA256
4b65d6be2cc5c3b968296837147ca2812e243c88ccf44a03e9c4188f38b9f5bc
-
SHA512
4e29115e94ebcbf9818ba9b0afded7af26dab0b3b9c9db55c8732f350ab3eb07b3a09c741802f385615b745ec44c4ed812a991c28188ac367c460b55f6460215
-
SSDEEP
3072:TzDC1FEbCXAGj19vWQ5A9ZqbuhRnIGxIqUfwY3FM65fjLg9UdqPX6rQNNTeP4Si5:HDC1F0CXVnWQnuMGaoY3F15ffVqCeNTR
Malware Config
Targets
-
-
Target
JaffaCakes118_5580849d3baddef79ca41fa7c37a1b13
-
Size
190KB
-
MD5
5580849d3baddef79ca41fa7c37a1b13
-
SHA1
045b7a38141b534d8181d5dd1b936403d462f74a
-
SHA256
4b65d6be2cc5c3b968296837147ca2812e243c88ccf44a03e9c4188f38b9f5bc
-
SHA512
4e29115e94ebcbf9818ba9b0afded7af26dab0b3b9c9db55c8732f350ab3eb07b3a09c741802f385615b745ec44c4ed812a991c28188ac367c460b55f6460215
-
SSDEEP
3072:TzDC1FEbCXAGj19vWQ5A9ZqbuhRnIGxIqUfwY3FM65fjLg9UdqPX6rQNNTeP4Si5:HDC1F0CXVnWQnuMGaoY3F15ffVqCeNTR
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-