General
-
Target
JaffaCakes118_a898e3fa3c2223f50db5d5e8188cfcac
-
Size
190KB
-
Sample
250118-nme8yssjcx
-
MD5
a898e3fa3c2223f50db5d5e8188cfcac
-
SHA1
eda122796fd556240473fa4ea04e64242700664e
-
SHA256
4e8a25a81a35fd1db81abd379a3230301540fff1f7fb856199cb7be9a6733a75
-
SHA512
426c7ec7aa23f50a5670cb8b4fcd79b4bf63c8cd7a4e8ce105bfea67367834dd70f66f117085ad389e72dd0019db5099685e0e91ada4a4a8d2ea8944be32d09c
-
SSDEEP
3072:NRRbG0T2diTHlFzfVybKDT1wfbh2R/OQmcFSn8zfgYe4GBsdhVPrD4NcpSLk+GpI:NR/BDlFzvqNo2PcF7etsdhRHhkGSAC
Malware Config
Targets
-
-
Target
JaffaCakes118_a898e3fa3c2223f50db5d5e8188cfcac
-
Size
190KB
-
MD5
a898e3fa3c2223f50db5d5e8188cfcac
-
SHA1
eda122796fd556240473fa4ea04e64242700664e
-
SHA256
4e8a25a81a35fd1db81abd379a3230301540fff1f7fb856199cb7be9a6733a75
-
SHA512
426c7ec7aa23f50a5670cb8b4fcd79b4bf63c8cd7a4e8ce105bfea67367834dd70f66f117085ad389e72dd0019db5099685e0e91ada4a4a8d2ea8944be32d09c
-
SSDEEP
3072:NRRbG0T2diTHlFzfVybKDT1wfbh2R/OQmcFSn8zfgYe4GBsdhVPrD4NcpSLk+GpI:NR/BDlFzvqNo2PcF7etsdhRHhkGSAC
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-