General
-
Target
JaffaCakes118_6f6a7dc4b25601d7519dac94414bd16e
-
Size
178KB
-
Sample
250116-je3xtsyrfx
-
MD5
6f6a7dc4b25601d7519dac94414bd16e
-
SHA1
357d6461bb6cc65cf1b5f99efbd5851c90dd1b35
-
SHA256
2ac0c2a5db6fd4c6036094e98a8fe8dec405f4315311336354c8054b8accdaed
-
SHA512
1f648d9bea0fd475d10d8a3949a0c738bda42281ea584dd8e7777e7bd0310530867bcee7dda4b8f821a0deccbd93d4af50ab066d42cd569c9279c96ee446e2d7
-
SSDEEP
3072:nUz9KfT1QzdofiNOBBuvmOo3PwObUYEDVOL7az4o3xVL8I3pmLUht1h57wC7Ri5:nA9ipqAiNOBBc0wOpEDVCXo3vL8IOItO
Malware Config
Targets
-
-
Target
JaffaCakes118_6f6a7dc4b25601d7519dac94414bd16e
-
Size
178KB
-
MD5
6f6a7dc4b25601d7519dac94414bd16e
-
SHA1
357d6461bb6cc65cf1b5f99efbd5851c90dd1b35
-
SHA256
2ac0c2a5db6fd4c6036094e98a8fe8dec405f4315311336354c8054b8accdaed
-
SHA512
1f648d9bea0fd475d10d8a3949a0c738bda42281ea584dd8e7777e7bd0310530867bcee7dda4b8f821a0deccbd93d4af50ab066d42cd569c9279c96ee446e2d7
-
SSDEEP
3072:nUz9KfT1QzdofiNOBBuvmOo3PwObUYEDVOL7az4o3xVL8I3pmLUht1h57wC7Ri5:nA9ipqAiNOBBc0wOpEDVCXo3vL8IOItO
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-