General
-
Target
JaffaCakes118_7817a43cf7f7350b05344ec4cce3183b
-
Size
163KB
-
Sample
250116-q1ln1asrct
-
MD5
7817a43cf7f7350b05344ec4cce3183b
-
SHA1
d7f6eaee04a9589b6e85fbd384390f46d75df400
-
SHA256
4ca9d12e46b0f6c02aeca689eb943179e4a7b461cd643b535de1aa79abe799ee
-
SHA512
4ead437b3f7f284cac582f1f5ddf9fe0493d1961280ff438884f6df54a7dcf87e95019bcbc7cd6a60381dfa02e34d2239060062a1d65657ca277517bdc64801c
-
SSDEEP
3072:CgR9Vjfy6pdySxR9gbHhtGNlz0y5qj3wakjlLQBr8nhnH22KaYO4FHxqNmb9:Cg1yt2700OBAnhnH2xaYO43Qmb
Malware Config
Targets
-
-
Target
JaffaCakes118_7817a43cf7f7350b05344ec4cce3183b
-
Size
163KB
-
MD5
7817a43cf7f7350b05344ec4cce3183b
-
SHA1
d7f6eaee04a9589b6e85fbd384390f46d75df400
-
SHA256
4ca9d12e46b0f6c02aeca689eb943179e4a7b461cd643b535de1aa79abe799ee
-
SHA512
4ead437b3f7f284cac582f1f5ddf9fe0493d1961280ff438884f6df54a7dcf87e95019bcbc7cd6a60381dfa02e34d2239060062a1d65657ca277517bdc64801c
-
SSDEEP
3072:CgR9Vjfy6pdySxR9gbHhtGNlz0y5qj3wakjlLQBr8nhnH22KaYO4FHxqNmb9:Cg1yt2700OBAnhnH2xaYO43Qmb
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-