General
-
Target
JaffaCakes118_74ce5b017a38597f7f82f49d108eb747
-
Size
165KB
-
Sample
250116-nlh88axrfv
-
MD5
74ce5b017a38597f7f82f49d108eb747
-
SHA1
73dafc8339923aa6589baf546917bf797b35e406
-
SHA256
210e53389f31229737bff81b5d7959563e311c8f718ff439035a31da3c3b8a8c
-
SHA512
8b14b2b4b48ec4949d1fef77cd4b7a0280c08092c06dd214e812db7fc1ba29a7e614690ceb599720a0d008ba52f90d24933517917db6e28f55092f3cd6c51cf0
-
SSDEEP
3072:rDSpSLmyts3JgpAOV2E/RhNpgULX8LHodser6D8g8tFlr7pJa8ihWIpRq5M:niSLmytGJ+VX/lpgUILIdX6P8J5Ja8I1
Malware Config
Targets
-
-
Target
JaffaCakes118_74ce5b017a38597f7f82f49d108eb747
-
Size
165KB
-
MD5
74ce5b017a38597f7f82f49d108eb747
-
SHA1
73dafc8339923aa6589baf546917bf797b35e406
-
SHA256
210e53389f31229737bff81b5d7959563e311c8f718ff439035a31da3c3b8a8c
-
SHA512
8b14b2b4b48ec4949d1fef77cd4b7a0280c08092c06dd214e812db7fc1ba29a7e614690ceb599720a0d008ba52f90d24933517917db6e28f55092f3cd6c51cf0
-
SSDEEP
3072:rDSpSLmyts3JgpAOV2E/RhNpgULX8LHodser6D8g8tFlr7pJa8ihWIpRq5M:niSLmytGJ+VX/lpgUILIdX6P8J5Ja8I1
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-