General
-
Target
JaffaCakes118_ac336be0084400b8449911f3c6134816
-
Size
165KB
-
Sample
250118-rqzzbavqhy
-
MD5
ac336be0084400b8449911f3c6134816
-
SHA1
9cbe8899e8de4b8838bf85b59d9ac15437b3c9ae
-
SHA256
19afa28fa0ee6586c94f8f14b074199e42ddb2179ca50be1372ad6a5fced3663
-
SHA512
e4181f207d7fcae1f6996658ef451a6ff70ae9dcc984ba260254d092d4a4d206e059fa6fdbab507aa57755cc9de54f1ca75e5d3de1b7fc653acb550bc4cd0e64
-
SSDEEP
3072:ny0BNkzJWZFnBTb9d0o11UQEN7aKwhQG0zdwC4ScD6lToVnWWtBGoEdIKDo2RA/B:ny0jkF4n19d0o/ENdOfad8hDEQ5tkfIj
Malware Config
Targets
-
-
Target
JaffaCakes118_ac336be0084400b8449911f3c6134816
-
Size
165KB
-
MD5
ac336be0084400b8449911f3c6134816
-
SHA1
9cbe8899e8de4b8838bf85b59d9ac15437b3c9ae
-
SHA256
19afa28fa0ee6586c94f8f14b074199e42ddb2179ca50be1372ad6a5fced3663
-
SHA512
e4181f207d7fcae1f6996658ef451a6ff70ae9dcc984ba260254d092d4a4d206e059fa6fdbab507aa57755cc9de54f1ca75e5d3de1b7fc653acb550bc4cd0e64
-
SSDEEP
3072:ny0BNkzJWZFnBTb9d0o11UQEN7aKwhQG0zdwC4ScD6lToVnWWtBGoEdIKDo2RA/B:ny0jkF4n19d0o/ENdOfad8hDEQ5tkfIj
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-