General
-
Target
JaffaCakes118_67c31b83e83098964f5f43cb4aeef38c
-
Size
164KB
-
Sample
250116-chs4gawlcs
-
MD5
67c31b83e83098964f5f43cb4aeef38c
-
SHA1
0c48d64fcc5b8d95f9012516f674837b5eb54e78
-
SHA256
14947c5cf10a8cbcc0dedfa7e98d039f7fac473a10e15f771f5da29c33076d1a
-
SHA512
756471651c942ceeb2e80247bbc4b1c3e3a18f00679ae528ea14466cf8a6487df84b6f61c06f9a5c8bf4018a17d048c75b0d4921f134acec2579ca9ae8435db9
-
SSDEEP
3072:Ay11Z4oCZpZ+2/N3jCkwwyqN/GJ2KfJ0xVdUpLughILqY4cuGUXwdJyv:zr4C2/tjCk5yi/02bdUgdzJUXy
Malware Config
Targets
-
-
Target
JaffaCakes118_67c31b83e83098964f5f43cb4aeef38c
-
Size
164KB
-
MD5
67c31b83e83098964f5f43cb4aeef38c
-
SHA1
0c48d64fcc5b8d95f9012516f674837b5eb54e78
-
SHA256
14947c5cf10a8cbcc0dedfa7e98d039f7fac473a10e15f771f5da29c33076d1a
-
SHA512
756471651c942ceeb2e80247bbc4b1c3e3a18f00679ae528ea14466cf8a6487df84b6f61c06f9a5c8bf4018a17d048c75b0d4921f134acec2579ca9ae8435db9
-
SSDEEP
3072:Ay11Z4oCZpZ+2/N3jCkwwyqN/GJ2KfJ0xVdUpLughILqY4cuGUXwdJyv:zr4C2/tjCk5yi/02bdUgdzJUXy
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-