General
-
Target
JaffaCakes118_d3e85bad23d90ffcb73f0c61941412fd
-
Size
192KB
-
Sample
250119-1hl7xsxpbm
-
MD5
d3e85bad23d90ffcb73f0c61941412fd
-
SHA1
9aa70d07b3e084047aae478f6ffbcfc23036062e
-
SHA256
afa673eeb93e6bbb32faf878a9fe06cfb1cb602f41b0aa5f00495201622728e5
-
SHA512
87b740ecc65c8ae21dc2f41aa2a34b21e933731b77ae864c1dfd2ec9061755c8705ceb919e6c68d9bcd7e3977580a2d987202672af14e824cc63625986c7d511
-
SSDEEP
3072:CgIUkEId9mBXyPMr49tKsiX8ogAICwgfBVpwrACgo3cZk6yZ/Ab9tvEK8u17rkps:wUk8gY4tKr8XAIiZ/QcZBytAb9aMYe1
Malware Config
Targets
-
-
Target
JaffaCakes118_d3e85bad23d90ffcb73f0c61941412fd
-
Size
192KB
-
MD5
d3e85bad23d90ffcb73f0c61941412fd
-
SHA1
9aa70d07b3e084047aae478f6ffbcfc23036062e
-
SHA256
afa673eeb93e6bbb32faf878a9fe06cfb1cb602f41b0aa5f00495201622728e5
-
SHA512
87b740ecc65c8ae21dc2f41aa2a34b21e933731b77ae864c1dfd2ec9061755c8705ceb919e6c68d9bcd7e3977580a2d987202672af14e824cc63625986c7d511
-
SSDEEP
3072:CgIUkEId9mBXyPMr49tKsiX8ogAICwgfBVpwrACgo3cZk6yZ/Ab9tvEK8u17rkps:wUk8gY4tKr8XAIiZ/QcZBytAb9aMYe1
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-