General
-
Target
JaffaCakes118_8bf9e3e6d854b5a7c1c04d434821d9dc
-
Size
169KB
-
Sample
250117-pwqlqayman
-
MD5
8bf9e3e6d854b5a7c1c04d434821d9dc
-
SHA1
3cf16f13c815a783a469b108af20d85f9fe9a96b
-
SHA256
2af880b9152a4785d27b44918cf0bfdb68034972d0da3dd25aa5035e99dedc93
-
SHA512
b1a9af3d94a8b04987c9d9739eebd300deda66c78a85ce66bcc0cda85a41b6510e76647bcfc90493c147dc8b80c6a2a7819f7230d1b148ef4ad267d24143712d
-
SSDEEP
3072:AzpP73rH/odEaUpf0gu5EgrlSI8XZrOpPQlfdYvdMk1olr5a5W4z:OPHQdvUpf0gKEg0IJifUdTofa5W4z
Malware Config
Targets
-
-
Target
JaffaCakes118_8bf9e3e6d854b5a7c1c04d434821d9dc
-
Size
169KB
-
MD5
8bf9e3e6d854b5a7c1c04d434821d9dc
-
SHA1
3cf16f13c815a783a469b108af20d85f9fe9a96b
-
SHA256
2af880b9152a4785d27b44918cf0bfdb68034972d0da3dd25aa5035e99dedc93
-
SHA512
b1a9af3d94a8b04987c9d9739eebd300deda66c78a85ce66bcc0cda85a41b6510e76647bcfc90493c147dc8b80c6a2a7819f7230d1b148ef4ad267d24143712d
-
SSDEEP
3072:AzpP73rH/odEaUpf0gu5EgrlSI8XZrOpPQlfdYvdMk1olr5a5W4z:OPHQdvUpf0gKEg0IJifUdTofa5W4z
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-