General
-
Target
JaffaCakes118_86888ae58520c810eaba83f6d7ee2cff
-
Size
157KB
-
Sample
250117-kjvmpaypfv
-
MD5
86888ae58520c810eaba83f6d7ee2cff
-
SHA1
eb5cc1809d2ed2d25a9145b8d49ccb0dd57795da
-
SHA256
4c40b7d656b04fe06d61f6d68d4074f5e43c043b89b04babbe07497b89c7b45d
-
SHA512
7cec6b1605e3c6efc902d706e397289c90a3c40909a2dc16ae4289ebb7e20ccd8e73a561d891e5a9cbfbfa0b694bfe1c07cc86570bad6b32d18e6ff760d39e3e
-
SSDEEP
3072:A47N22GUU91RUerVtzHpKIs1i9eIFNlU52hy7v8ZtqeuqJ3tqGCINvT:Rx22GUsqerVdpKt1i9eIPrJnJ3UdCL
Malware Config
Targets
-
-
Target
JaffaCakes118_86888ae58520c810eaba83f6d7ee2cff
-
Size
157KB
-
MD5
86888ae58520c810eaba83f6d7ee2cff
-
SHA1
eb5cc1809d2ed2d25a9145b8d49ccb0dd57795da
-
SHA256
4c40b7d656b04fe06d61f6d68d4074f5e43c043b89b04babbe07497b89c7b45d
-
SHA512
7cec6b1605e3c6efc902d706e397289c90a3c40909a2dc16ae4289ebb7e20ccd8e73a561d891e5a9cbfbfa0b694bfe1c07cc86570bad6b32d18e6ff760d39e3e
-
SSDEEP
3072:A47N22GUU91RUerVtzHpKIs1i9eIFNlU52hy7v8ZtqeuqJ3tqGCINvT:Rx22GUsqerVdpKt1i9eIPrJnJ3UdCL
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-