General
-
Target
JaffaCakes118_c5f575aa740961e2e7066e15ce9ac6c6
-
Size
172KB
-
Sample
250119-m7cswsvkbz
-
MD5
c5f575aa740961e2e7066e15ce9ac6c6
-
SHA1
8acf825ebd7b81e4d06507de2fa8cdcf847378ef
-
SHA256
22f4b33929989101a1f6d118cb64379fec36f16016ee9a7edc71f3cf1479e9a3
-
SHA512
1e218c950d350b0a38cd969d8cd73ad058b031b664bccabd9ab4de7f8c6a3db931e345da034f45fea09c0227335a77c6e59ea24a2d51014ad230eb5b0109a7e8
-
SSDEEP
3072:BCfuCAZWOG6w4j3Gvt6NicQid8lRsgeh8QHNnAYRWnThy5Tv4I5TKn3d:ZCD6ljCuiti6R5cNnAOWdy94Ld
Malware Config
Targets
-
-
Target
JaffaCakes118_c5f575aa740961e2e7066e15ce9ac6c6
-
Size
172KB
-
MD5
c5f575aa740961e2e7066e15ce9ac6c6
-
SHA1
8acf825ebd7b81e4d06507de2fa8cdcf847378ef
-
SHA256
22f4b33929989101a1f6d118cb64379fec36f16016ee9a7edc71f3cf1479e9a3
-
SHA512
1e218c950d350b0a38cd969d8cd73ad058b031b664bccabd9ab4de7f8c6a3db931e345da034f45fea09c0227335a77c6e59ea24a2d51014ad230eb5b0109a7e8
-
SSDEEP
3072:BCfuCAZWOG6w4j3Gvt6NicQid8lRsgeh8QHNnAYRWnThy5Tv4I5TKn3d:ZCD6ljCuiti6R5cNnAOWdy94Ld
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-