General
-
Target
JaffaCakes118_b76adc037fb8ca13d301f546b360662a
-
Size
178KB
-
Sample
250118-3kab9aykd1
-
MD5
b76adc037fb8ca13d301f546b360662a
-
SHA1
ccdb54ed0c83dc9a22247a8e66af007ec841e8ca
-
SHA256
21674e0f4de558ce837cd05c8975665fbc06e2c5e725747730ae7e7dd23768f4
-
SHA512
6ab2c86ecd6a74a52addabcbefa915adb1e07e4fe6e25c99f77e7da2877c5972717ba786b3008cb2536adac33fedd72e95345cc51bc82605adf28782129e3dc6
-
SSDEEP
3072:Tnluj8N5fVY9+2W1qvGTYk6/YbbQ9RVBzEER/WKtKknrtawk/Y5ouErEhjueO:TnltPtY9SYk6/Y/IVEEwKMURawk/Y5of
Malware Config
Targets
-
-
Target
JaffaCakes118_b76adc037fb8ca13d301f546b360662a
-
Size
178KB
-
MD5
b76adc037fb8ca13d301f546b360662a
-
SHA1
ccdb54ed0c83dc9a22247a8e66af007ec841e8ca
-
SHA256
21674e0f4de558ce837cd05c8975665fbc06e2c5e725747730ae7e7dd23768f4
-
SHA512
6ab2c86ecd6a74a52addabcbefa915adb1e07e4fe6e25c99f77e7da2877c5972717ba786b3008cb2536adac33fedd72e95345cc51bc82605adf28782129e3dc6
-
SSDEEP
3072:Tnluj8N5fVY9+2W1qvGTYk6/YbbQ9RVBzEER/WKtKknrtawk/Y5ouErEhjueO:TnltPtY9SYk6/Y/IVEEwKMURawk/Y5of
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-