General
-
Target
JaffaCakes118_ddc19d4475be5bda92e4f926278c8b41
-
Size
185KB
-
Sample
250120-ga63kstmhs
-
MD5
ddc19d4475be5bda92e4f926278c8b41
-
SHA1
2a9c8451727ac4c0c9653893940872f8e2d8103f
-
SHA256
4da72b7a061d8a7a513f0fcb259bf2d6756bb33e140b427c7aa72211fefff457
-
SHA512
6b7d2ba95d8d5b31f165da87e9f73038b461cc63217a8be62180f6017991a111e248fd77207fab0b84b0aba6248a572f6116496f9cffb016e7f7a7394c34c1ae
-
SSDEEP
3072:mVbrePcUkYS3BV+xoTcrhOKw1wniZywxmGyCc5ecHZeA0yZIbAabvCgIhgUFPK6I:rtS3vUrhNMHZcCc5eOe1Tk4vIh5
Malware Config
Targets
-
-
Target
JaffaCakes118_ddc19d4475be5bda92e4f926278c8b41
-
Size
185KB
-
MD5
ddc19d4475be5bda92e4f926278c8b41
-
SHA1
2a9c8451727ac4c0c9653893940872f8e2d8103f
-
SHA256
4da72b7a061d8a7a513f0fcb259bf2d6756bb33e140b427c7aa72211fefff457
-
SHA512
6b7d2ba95d8d5b31f165da87e9f73038b461cc63217a8be62180f6017991a111e248fd77207fab0b84b0aba6248a572f6116496f9cffb016e7f7a7394c34c1ae
-
SSDEEP
3072:mVbrePcUkYS3BV+xoTcrhOKw1wniZywxmGyCc5ecHZeA0yZIbAabvCgIhgUFPK6I:rtS3vUrhNMHZcCc5eOe1Tk4vIh5
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-