General
-
Target
JaffaCakes118_872defbb5a96b326fb18de1d4c3c89be
-
Size
174KB
-
Sample
250117-k3897a1kfk
-
MD5
872defbb5a96b326fb18de1d4c3c89be
-
SHA1
6403420c52e662d4118e4fc95acd258e09183689
-
SHA256
ae603234ce5d91faaebaa47d47025c1cb28d8e79c5820ed61b0f15a2b42cac9f
-
SHA512
ebf29d9906a7c75cb780123324c3dcf7c4dd11f059cabc346122de7365a6b80e55b58aab5997cc947b08c2d62ea8869da28d3afea11d8dc3e27ac88aa5bd7536
-
SSDEEP
3072:2vW+2IUadlM4GD8hzSyM6kb5G1zIRObix0AoMBiOKoYkEI52Ap+hlmlzeHh4/T8I:2vW+Br6epkb5G1MRN0cBiroYI2Qlzb8I
Malware Config
Targets
-
-
Target
JaffaCakes118_872defbb5a96b326fb18de1d4c3c89be
-
Size
174KB
-
MD5
872defbb5a96b326fb18de1d4c3c89be
-
SHA1
6403420c52e662d4118e4fc95acd258e09183689
-
SHA256
ae603234ce5d91faaebaa47d47025c1cb28d8e79c5820ed61b0f15a2b42cac9f
-
SHA512
ebf29d9906a7c75cb780123324c3dcf7c4dd11f059cabc346122de7365a6b80e55b58aab5997cc947b08c2d62ea8869da28d3afea11d8dc3e27ac88aa5bd7536
-
SSDEEP
3072:2vW+2IUadlM4GD8hzSyM6kb5G1zIRObix0AoMBiOKoYkEI52Ap+hlmlzeHh4/T8I:2vW+Br6epkb5G1MRN0cBiroYI2Qlzb8I
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-