General
-
Target
JaffaCakes118_87fb8136431cdd5eb3893584acc30e6d
-
Size
167KB
-
Sample
250117-lth73ssmem
-
MD5
87fb8136431cdd5eb3893584acc30e6d
-
SHA1
b72c3d11bd58d245a4532d2644abd7369b4abe75
-
SHA256
696402889b6b3e16e8d89e2b446a506c06d11d9c60ad3548ec6329475eec1dec
-
SHA512
20ba019b527ddfc54da315f842e8c9fac2c63d3927d572f852b12600312125919e208175c6024a58337b1b89104a025b3246758825543991aa94da47d7c796ca
-
SSDEEP
3072:5C2W94EaIwgHPFaE+pWouiUEu9lLSxScXXV0AvLn9X5gHazbhefydIce:V3EF+pWqUtlmjXxDn9pWebAfsH
Malware Config
Targets
-
-
Target
JaffaCakes118_87fb8136431cdd5eb3893584acc30e6d
-
Size
167KB
-
MD5
87fb8136431cdd5eb3893584acc30e6d
-
SHA1
b72c3d11bd58d245a4532d2644abd7369b4abe75
-
SHA256
696402889b6b3e16e8d89e2b446a506c06d11d9c60ad3548ec6329475eec1dec
-
SHA512
20ba019b527ddfc54da315f842e8c9fac2c63d3927d572f852b12600312125919e208175c6024a58337b1b89104a025b3246758825543991aa94da47d7c796ca
-
SSDEEP
3072:5C2W94EaIwgHPFaE+pWouiUEu9lLSxScXXV0AvLn9X5gHazbhefydIce:V3EF+pWqUtlmjXxDn9pWebAfsH
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-