General
-
Target
JaffaCakes118_a8f715e805029fd9960ba55c371e6283
-
Size
165KB
-
Sample
250118-nyplrsslet
-
MD5
a8f715e805029fd9960ba55c371e6283
-
SHA1
bdde5b4efdfa86fc0d203b89a3025917feb5fe31
-
SHA256
287d4f67c26fa2c2d37949fd3b808c66a42ce76b869c3921f92e97cc7ab5d8fc
-
SHA512
6d34ec5a5060096ae47948fcc5eae4334e0792bfb1044d622c29ce9127d366e1ca81891d5c4045858e07f8d868172ab2db9c6f757032ce1aedafcc4e2c4c15bb
-
SSDEEP
3072:etywFfbydLv0hX4L2zHzlhnNbFisqIylmOO0H6U7bXjuh+mXH7LU2RQ6+C/QgJK:etIQo6zHxhntX3OOY6UehdHXqIVJK
Malware Config
Targets
-
-
Target
JaffaCakes118_a8f715e805029fd9960ba55c371e6283
-
Size
165KB
-
MD5
a8f715e805029fd9960ba55c371e6283
-
SHA1
bdde5b4efdfa86fc0d203b89a3025917feb5fe31
-
SHA256
287d4f67c26fa2c2d37949fd3b808c66a42ce76b869c3921f92e97cc7ab5d8fc
-
SHA512
6d34ec5a5060096ae47948fcc5eae4334e0792bfb1044d622c29ce9127d366e1ca81891d5c4045858e07f8d868172ab2db9c6f757032ce1aedafcc4e2c4c15bb
-
SSDEEP
3072:etywFfbydLv0hX4L2zHzlhnNbFisqIylmOO0H6U7bXjuh+mXH7LU2RQ6+C/QgJK:etIQo6zHxhntX3OOY6UehdHXqIVJK
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-