General
-
Target
JaffaCakes118_b8f2952dbac342dc96e37e467001a42e
-
Size
171KB
-
Sample
250119-a7538aznet
-
MD5
b8f2952dbac342dc96e37e467001a42e
-
SHA1
a07999e20dfa01315a62eedae30a578e6eebba0c
-
SHA256
68702989be1ab3be2bcf8f86f1d92984125b53c151d805bbe099985da7c3b344
-
SHA512
78919a895c34a8d6eece4875cea98137fc90a2964e83534e07f9035e8a8475939a0cceb1dc04ac12bb86cc7a5409ed58973a93a6781c9dde286bf3cce7a75fb3
-
SSDEEP
3072:K6tMhwx8xxmOTeu20vZ8QtyFjIis8U4WGGsh+hvxZ8ZoaeXaoO+7SZnFTD:nMhwxEmOeulvftSjIiKvxuZx+aoX7SZn
Malware Config
Targets
-
-
Target
JaffaCakes118_b8f2952dbac342dc96e37e467001a42e
-
Size
171KB
-
MD5
b8f2952dbac342dc96e37e467001a42e
-
SHA1
a07999e20dfa01315a62eedae30a578e6eebba0c
-
SHA256
68702989be1ab3be2bcf8f86f1d92984125b53c151d805bbe099985da7c3b344
-
SHA512
78919a895c34a8d6eece4875cea98137fc90a2964e83534e07f9035e8a8475939a0cceb1dc04ac12bb86cc7a5409ed58973a93a6781c9dde286bf3cce7a75fb3
-
SSDEEP
3072:K6tMhwx8xxmOTeu20vZ8QtyFjIis8U4WGGsh+hvxZ8ZoaeXaoO+7SZnFTD:nMhwxEmOeulvftSjIiKvxuZx+aoX7SZn
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-