General
-
Target
JaffaCakes118_80ce5561165f342addcfc1016ef35cca
-
Size
292KB
-
Sample
250116-yyfnzaxndr
-
MD5
80ce5561165f342addcfc1016ef35cca
-
SHA1
0a0432cd85c3f58632402247d206577eda174300
-
SHA256
6872916843425ef3efd3350709666d9f402e97885a542c5b0b1b69f3f24196b6
-
SHA512
dc8100bdde2dabf28843a87e2739315a10e6d3b569bc685423845791a6261c97b48d50ae9d43992ec4c63c304adcdac2bf749c5c8229005e2fd7dc1aa328cd7c
-
SSDEEP
3072:KZmpgG33H1u5F79GNgPrnw+fg+UbH8eIA6EfI73VrarwObkeLpp+RuDN4oXUyCkC:KzwHobkCbw+fAmdzLparwWLpgSGockl8
Malware Config
Targets
-
-
Target
JaffaCakes118_80ce5561165f342addcfc1016ef35cca
-
Size
292KB
-
MD5
80ce5561165f342addcfc1016ef35cca
-
SHA1
0a0432cd85c3f58632402247d206577eda174300
-
SHA256
6872916843425ef3efd3350709666d9f402e97885a542c5b0b1b69f3f24196b6
-
SHA512
dc8100bdde2dabf28843a87e2739315a10e6d3b569bc685423845791a6261c97b48d50ae9d43992ec4c63c304adcdac2bf749c5c8229005e2fd7dc1aa328cd7c
-
SSDEEP
3072:KZmpgG33H1u5F79GNgPrnw+fg+UbH8eIA6EfI73VrarwObkeLpp+RuDN4oXUyCkC:KzwHobkCbw+fAmdzLparwWLpgSGockl8
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-