General
-
Target
JaffaCakes118_911b27dda4e00aa6a8ac3a39217e6abd
-
Size
169KB
-
Sample
250117-tw9f2swkct
-
MD5
911b27dda4e00aa6a8ac3a39217e6abd
-
SHA1
a12b506a03f79a027611c596a7ee02eec2ea2552
-
SHA256
256fa557eb3df945bdfd42362e368fc25b854089fd649263093aa08540a4fae2
-
SHA512
4fe885b423e2052cf8ed4ee9005549b0821aa44e4e3a01f107eab6cdc7631becdeb77728f1c3ebfc99addef9bcbb378dd3b4da6ec751daf4e7ccd82626fe3723
-
SSDEEP
3072:L7RuhzE1AfWSNR2g8fcX/jTOnK8kKIVP/9I2ULMtjC9yfD71QOFE8BY:RS4JWRv8kvjTeKNK+y2ksjh774F
Malware Config
Targets
-
-
Target
JaffaCakes118_911b27dda4e00aa6a8ac3a39217e6abd
-
Size
169KB
-
MD5
911b27dda4e00aa6a8ac3a39217e6abd
-
SHA1
a12b506a03f79a027611c596a7ee02eec2ea2552
-
SHA256
256fa557eb3df945bdfd42362e368fc25b854089fd649263093aa08540a4fae2
-
SHA512
4fe885b423e2052cf8ed4ee9005549b0821aa44e4e3a01f107eab6cdc7631becdeb77728f1c3ebfc99addef9bcbb378dd3b4da6ec751daf4e7ccd82626fe3723
-
SSDEEP
3072:L7RuhzE1AfWSNR2g8fcX/jTOnK8kKIVP/9I2ULMtjC9yfD71QOFE8BY:RS4JWRv8kvjTeKNK+y2ksjh774F
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-