General
-
Target
JaffaCakes118_d118cc82a7e8f3d9ba4c3f1378dc9f89
-
Size
165KB
-
Sample
250119-yb7tyasmhx
-
MD5
d118cc82a7e8f3d9ba4c3f1378dc9f89
-
SHA1
8fef4391e3fe581385770f9953dd0f9645be6276
-
SHA256
2acfabd0596bc5f1737386469edc089c6ca2bc3e7e3224f1e886cf60a06ce1d5
-
SHA512
b285397f5f913312d8a27fbe2b1ff2d404f2b451b9657a984df0d769a9713749d8436fef0821083b2a774dc9eb3ed6a266fcd10f1a96d8213b2ab9c580a869fb
-
SSDEEP
3072:kf9yV1T5nif72ATCN/4TqgHydlmOE09U+2+oho/NfB3lioze+:kf9IifCkELjvmN09U+HohGNftz
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_d118cc82a7e8f3d9ba4c3f1378dc9f89.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
JaffaCakes118_d118cc82a7e8f3d9ba4c3f1378dc9f89
-
Size
165KB
-
MD5
d118cc82a7e8f3d9ba4c3f1378dc9f89
-
SHA1
8fef4391e3fe581385770f9953dd0f9645be6276
-
SHA256
2acfabd0596bc5f1737386469edc089c6ca2bc3e7e3224f1e886cf60a06ce1d5
-
SHA512
b285397f5f913312d8a27fbe2b1ff2d404f2b451b9657a984df0d769a9713749d8436fef0821083b2a774dc9eb3ed6a266fcd10f1a96d8213b2ab9c580a869fb
-
SSDEEP
3072:kf9yV1T5nif72ATCN/4TqgHydlmOE09U+2+oho/NfB3lioze+:kf9IifCkELjvmN09U+HohGNftz
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-