General
-
Target
JaffaCakes118_b54658f1fa7b95bbc1ad9779e9df0d7a
-
Size
156KB
-
Sample
250118-1jdl6swpbl
-
MD5
b54658f1fa7b95bbc1ad9779e9df0d7a
-
SHA1
847b723bf079145616811ad8d774524606057e8a
-
SHA256
764e162e3b5b6eea459286575442cc2a06878db1acdd87426392b896662e3700
-
SHA512
cd5812cfe2335d39a4400035888ca450947a9ea7b6f82013f6e823fb2a6aa8beb24d13da128aa37cf007e079c21cb2616bc8a22fe270d786b4590d9cc81e0365
-
SSDEEP
3072:h1AV61tuPhQI6oJu0Dwv5n+qrKw/ZwTGARKCL5Mfk1DTRX5hffsnz+pTi:LbtuPheR5vpnmcQRJL0ADTRJ9fszR
Malware Config
Targets
-
-
Target
JaffaCakes118_b54658f1fa7b95bbc1ad9779e9df0d7a
-
Size
156KB
-
MD5
b54658f1fa7b95bbc1ad9779e9df0d7a
-
SHA1
847b723bf079145616811ad8d774524606057e8a
-
SHA256
764e162e3b5b6eea459286575442cc2a06878db1acdd87426392b896662e3700
-
SHA512
cd5812cfe2335d39a4400035888ca450947a9ea7b6f82013f6e823fb2a6aa8beb24d13da128aa37cf007e079c21cb2616bc8a22fe270d786b4590d9cc81e0365
-
SSDEEP
3072:h1AV61tuPhQI6oJu0Dwv5n+qrKw/ZwTGARKCL5Mfk1DTRX5hffsnz+pTi:LbtuPheR5vpnmcQRJL0ADTRJ9fszR
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-