General
-
Target
JaffaCakes118_69ceb7f4c6e602400dc93637ae94a4b1
-
Size
177KB
-
Sample
250116-d7jrrs1ngj
-
MD5
69ceb7f4c6e602400dc93637ae94a4b1
-
SHA1
333c45c68307eff607cd802d6558775b0f9845a8
-
SHA256
1b9973292a4f821f661853620f588e74c12c7b0f5d5e2cc98dd9c4051762a874
-
SHA512
3cbab37b9531b036b800e206b518497603db392d807c11c434d8222e2daf7c156c14ca1212e9b45f3a50a367ed961ee3de6f59e3cc00da03c812cc97a4dfd594
-
SSDEEP
3072:o3RXLWmMt9ZeJJCErPUezCBjUZWiRzH2+zvt5iqVIENYhsZYbTaCewNZhumXqaHX:8dWHHaJrs8CBj+WiR2+Lv5VVNQsZYb8E
Malware Config
Targets
-
-
Target
JaffaCakes118_69ceb7f4c6e602400dc93637ae94a4b1
-
Size
177KB
-
MD5
69ceb7f4c6e602400dc93637ae94a4b1
-
SHA1
333c45c68307eff607cd802d6558775b0f9845a8
-
SHA256
1b9973292a4f821f661853620f588e74c12c7b0f5d5e2cc98dd9c4051762a874
-
SHA512
3cbab37b9531b036b800e206b518497603db392d807c11c434d8222e2daf7c156c14ca1212e9b45f3a50a367ed961ee3de6f59e3cc00da03c812cc97a4dfd594
-
SSDEEP
3072:o3RXLWmMt9ZeJJCErPUezCBjUZWiRzH2+zvt5iqVIENYhsZYbTaCewNZhumXqaHX:8dWHHaJrs8CBj+WiR2+Lv5VVNQsZYb8E
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-