General
-
Target
JaffaCakes118_9c084643ea35347f4caffb2faed788dd
-
Size
188KB
-
Sample
250118-bq4phayndv
-
MD5
9c084643ea35347f4caffb2faed788dd
-
SHA1
b722f3041ad0ac0140d84e0ba844621459de1e0d
-
SHA256
4f37e103fecbc46d2551227ba4057794cb25ea637c567de209d8aa2d8886eb6a
-
SHA512
f24a01459a40ed35850621e3c97b496642a8d3daeb4fa3335ce9d529c56ddc2ccd60eca0412bca47b8b05953163224fdaff2442ebdc710dc03818a7f32d5af25
-
SSDEEP
3072:TkPtPMf8xixTij41SZnzTfjAFNn1QdZM9IO6y+u9wDeJi77xCiXV5+1vt/FaVe67:TkVPM+KI1zjjPdZMxFg7hWFtYDH6WGuG
Malware Config
Targets
-
-
Target
JaffaCakes118_9c084643ea35347f4caffb2faed788dd
-
Size
188KB
-
MD5
9c084643ea35347f4caffb2faed788dd
-
SHA1
b722f3041ad0ac0140d84e0ba844621459de1e0d
-
SHA256
4f37e103fecbc46d2551227ba4057794cb25ea637c567de209d8aa2d8886eb6a
-
SHA512
f24a01459a40ed35850621e3c97b496642a8d3daeb4fa3335ce9d529c56ddc2ccd60eca0412bca47b8b05953163224fdaff2442ebdc710dc03818a7f32d5af25
-
SSDEEP
3072:TkPtPMf8xixTij41SZnzTfjAFNn1QdZM9IO6y+u9wDeJi77xCiXV5+1vt/FaVe67:TkVPM+KI1zjjPdZMxFg7hWFtYDH6WGuG
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-