General
-
Target
JaffaCakes118_83065f3783a4caa70b8c56c2ea72ea3e
-
Size
179KB
-
Sample
250116-1w7qsa1lcv
-
MD5
83065f3783a4caa70b8c56c2ea72ea3e
-
SHA1
baea94b3e19840348b04ec67ee471760d8fbfd9c
-
SHA256
4f9459e9137cfb89e4a9304442eee1358066ae5b153e5042ce5745aa154bd9bd
-
SHA512
a080993ddbdbdee885801d4895e99a75570bb3c1cd4f43d242ba9de7e91883593eaaa67026914eb8171acf521f638c1bfab34a987bdf60859c298b923fb01e3b
-
SSDEEP
3072:4LgXsi30fWSUsS6vG8fkPtPRROOmQL351FeZkTGNCCbWv/nGAGWYL:4ssRxzsPEOmQj51syGNCcMn//YL
Malware Config
Targets
-
-
Target
JaffaCakes118_83065f3783a4caa70b8c56c2ea72ea3e
-
Size
179KB
-
MD5
83065f3783a4caa70b8c56c2ea72ea3e
-
SHA1
baea94b3e19840348b04ec67ee471760d8fbfd9c
-
SHA256
4f9459e9137cfb89e4a9304442eee1358066ae5b153e5042ce5745aa154bd9bd
-
SHA512
a080993ddbdbdee885801d4895e99a75570bb3c1cd4f43d242ba9de7e91883593eaaa67026914eb8171acf521f638c1bfab34a987bdf60859c298b923fb01e3b
-
SSDEEP
3072:4LgXsi30fWSUsS6vG8fkPtPRROOmQL351FeZkTGNCCbWv/nGAGWYL:4ssRxzsPEOmQj51syGNCcMn//YL
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-