General
Target: JaffaCakes118_73758fa615f728d11838e37a44b6518c
Size: 179KB
Sample: 250116-mfkpeswldw
MD5: 73758fa615f728d11838e37a44b6518c
SHA1: 876463c450e82fabe4ddfc382d34e478f49b5d11
SHA256: 71c1ecfc638f50a38a3011d6fd8940475cdcd6859f6679951a3f6fae8b3b05f3
SHA512: 34b58f5cd53aeff343666a62c08f5a4aa6ec6b1129ea9693b9455dacb651e68df8e51f951c52d75a640d62884614297872f4110d1d35e0d593f02acec078b88a
SSDEEP: 3072:dHvqg5iVTxQ1Mgi0vMiQLWB6lpwyvUy3WLG3c4GfybK:Bqgr1MgiHFpzvd3ThG
Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_73758fa615f728d11838e37a44b6518c.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_73758fa615f728d11838e37a44b6518c.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: JaffaCakes118_73758fa615f728d11838e37a44b6518c
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-