General
-
Target
JaffaCakes118_588245bdb4ece067ee35dd21b49eb2d4
-
Size
179KB
-
Sample
250115-q1va5swkap
-
MD5
588245bdb4ece067ee35dd21b49eb2d4
-
SHA1
d2b4f7c9337ce90c2a2170a2e65084d8d01195bf
-
SHA256
247096a0f8ee29d360de5e01a089d2345b820e83bfa9175518128a98dfd0975b
-
SHA512
cecbe71a9a41af7f20ccc5f52206ff06474a38164da504975a44489fe71b458bd5d584a97234961b9c1678a18c7e3022e84d78f3798f89723884d5f6f8321d37
-
SSDEEP
3072:HlvjWfBYXoPw9N6mILzoWHP2k08ANvT2ztGKiuuMlMSifHmML80tsJM/y72fd:Zj5oPw9kzjHP2h8+TYtFOMRifHm95r8
Malware Config
Targets
-
-
Target
JaffaCakes118_588245bdb4ece067ee35dd21b49eb2d4
-
Size
179KB
-
MD5
588245bdb4ece067ee35dd21b49eb2d4
-
SHA1
d2b4f7c9337ce90c2a2170a2e65084d8d01195bf
-
SHA256
247096a0f8ee29d360de5e01a089d2345b820e83bfa9175518128a98dfd0975b
-
SHA512
cecbe71a9a41af7f20ccc5f52206ff06474a38164da504975a44489fe71b458bd5d584a97234961b9c1678a18c7e3022e84d78f3798f89723884d5f6f8321d37
-
SSDEEP
3072:HlvjWfBYXoPw9N6mILzoWHP2k08ANvT2ztGKiuuMlMSifHmML80tsJM/y72fd:Zj5oPw9kzjHP2h8+TYtFOMRifHm95r8
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-