General
-
Target
JaffaCakes118_99b04d3795ea642bcac076dd31c86826
-
Size
184KB
-
Sample
250117-26dfcswkbv
-
MD5
99b04d3795ea642bcac076dd31c86826
-
SHA1
6f31ca127393d37244be041a78b57bd16e19340e
-
SHA256
24aa58f6c201f91fb1ccc0e12ee2d8442945aa9ede390e7f41dbf97823a00535
-
SHA512
640290f503bafe0efeb5af3caa72114f37eab7e93351eea970257111d1276540e775b270b2bab4568395982bf384d9bbc342ef27a2fe1298e42e25c4c1b07e2d
-
SSDEEP
3072:tClbp7aqoeoCFCyvS5KRFBAuysFdQ6aDHJt5jMyFoTw4ZMnG1LyQIqxnl0i8wt:UlbRXEKRXxyjlDHJt5R14unWjswt
Malware Config
Targets
-
-
Target
JaffaCakes118_99b04d3795ea642bcac076dd31c86826
-
Size
184KB
-
MD5
99b04d3795ea642bcac076dd31c86826
-
SHA1
6f31ca127393d37244be041a78b57bd16e19340e
-
SHA256
24aa58f6c201f91fb1ccc0e12ee2d8442945aa9ede390e7f41dbf97823a00535
-
SHA512
640290f503bafe0efeb5af3caa72114f37eab7e93351eea970257111d1276540e775b270b2bab4568395982bf384d9bbc342ef27a2fe1298e42e25c4c1b07e2d
-
SSDEEP
3072:tClbp7aqoeoCFCyvS5KRFBAuysFdQ6aDHJt5jMyFoTw4ZMnG1LyQIqxnl0i8wt:UlbRXEKRXxyjlDHJt5R14unWjswt
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-