General
Target: JaffaCakes118_cf21d704a8a9ada5afa5ca8cfe55b62b
Size: 177KB
Sample: 250119-wt5q7aznen
MD5: cf21d704a8a9ada5afa5ca8cfe55b62b
SHA1: 249c24403e4d2052b4cda24b49ed7c19fc2a68dd
SHA256: 2a2baf485a65c77dc036b91e7bb0972aef023d3f3597612417ca960572017c2e
SHA512: f1785e1cfa3c9b574a70813d02fd09b53b9a3b3a394de61783b172315cf8ebbe0bab7e423b537c6c6d26fe49130128b7b3738461921d868a8988d2e922e31532
SSDEEP: 3072:MvG3FEU017rsDtYUvkzau45BUlzgzvuhayo2A4mcsJOCQZF9/o613Nb8PMZd:JP017rqmzk5kELuBAP3JziF9/3Nb8PMz
Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_cf21d704a8a9ada5afa5ca8cfe55b62b.exe
Resource: win7-20241023-en
Behavioral task: behavioral2
Sample: JaffaCakes118_cf21d704a8a9ada5afa5ca8cfe55b62b.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Cycbot family
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
Modifies WinLogon for persistence