General
-
Target
JaffaCakes118_8701351287784126d2b6fc00a3f7215b
-
Size
165KB
-
Sample
250117-kyn4fszrel
-
MD5
8701351287784126d2b6fc00a3f7215b
-
SHA1
1b8f28a02416d12e485f06b445994c17ecf89fff
-
SHA256
198bf94a578eb6a3403029983d49bfaec46c5faa07053de40168a6572e9ebf9c
-
SHA512
f9cd6aa7bc05611c1f2baf2f968be3dca989af33286d40132e3fb16f7c4fcc202ddb254dfe4d4e1b1103cdf20e11271df7f63760259cb745eddaaf02d74d35b2
-
SSDEEP
3072:snouwXqQPvUubHKBT3D8kH4/xA02cRHwneYifp5rMARkygyNbVGPzYtKrU:EouwXqQPvUuSDH4Jp2OaIRCJtHU
Malware Config
Targets
-
-
Target
JaffaCakes118_8701351287784126d2b6fc00a3f7215b
-
Size
165KB
-
MD5
8701351287784126d2b6fc00a3f7215b
-
SHA1
1b8f28a02416d12e485f06b445994c17ecf89fff
-
SHA256
198bf94a578eb6a3403029983d49bfaec46c5faa07053de40168a6572e9ebf9c
-
SHA512
f9cd6aa7bc05611c1f2baf2f968be3dca989af33286d40132e3fb16f7c4fcc202ddb254dfe4d4e1b1103cdf20e11271df7f63760259cb745eddaaf02d74d35b2
-
SSDEEP
3072:snouwXqQPvUubHKBT3D8kH4/xA02cRHwneYifp5rMARkygyNbVGPzYtKrU:EouwXqQPvUuSDH4Jp2OaIRCJtHU
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-