General
-
Target
JaffaCakes118_6f885b5cf83063796df80de97896f57e
-
Size
178KB
-
Sample
250116-jh9jsa1jam
-
MD5
6f885b5cf83063796df80de97896f57e
-
SHA1
7530ea982af3ed379ff8edb75d5656a7bd437ab8
-
SHA256
ab407357d168b1779cb6e2c9c978002c63c2708caba123f5ebc1aba99afe5cda
-
SHA512
267896d80011eb8499a86f61983e725eb9e025453cb9280e892d19ccf085ce294b5113560fd1da28e90797ab3cf31a62106e1f97bb63f262f2ef0ce7035d7b57
-
SSDEEP
3072:C2tNXiRKmPgTeVdH0bVr93DKkOwQm72+5/1E0J3MTpVh1zrCdDZxSx/iI:oKm8eV5eilma+5//NM9VTC1ZUB
Malware Config
Targets
-
-
Target
JaffaCakes118_6f885b5cf83063796df80de97896f57e
-
Size
178KB
-
MD5
6f885b5cf83063796df80de97896f57e
-
SHA1
7530ea982af3ed379ff8edb75d5656a7bd437ab8
-
SHA256
ab407357d168b1779cb6e2c9c978002c63c2708caba123f5ebc1aba99afe5cda
-
SHA512
267896d80011eb8499a86f61983e725eb9e025453cb9280e892d19ccf085ce294b5113560fd1da28e90797ab3cf31a62106e1f97bb63f262f2ef0ce7035d7b57
-
SSDEEP
3072:C2tNXiRKmPgTeVdH0bVr93DKkOwQm72+5/1E0J3MTpVh1zrCdDZxSx/iI:oKm8eV5eilma+5//NM9VTC1ZUB
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-