General
-
Target
JaffaCakes118_e6c71130597fda963ac0528307de759f
-
Size
178KB
-
Sample
250120-pdhhdsykfv
-
MD5
e6c71130597fda963ac0528307de759f
-
SHA1
1b39189db375112568a7ba703d070dd52593776b
-
SHA256
2bfa9bac08223b802bd1fcce56c8a8d0e2df609658c5e6c84f0910e7b12fa4fd
-
SHA512
f2803de602cc2cef0621ec75f6696c9ef79e24e5c62886c94a8c9868f3b285430d4db9304516d6190438af18edc229acd2ca99061799169ec04c07213d5f1346
-
SSDEEP
3072:hl4ke/fmNZuo0eMGuIA2i5KUU6bBfsxwRvqaz5OXLhblsBRFGGhNMhqRs1sjx:hle2ND0ebAGf6l0uTVOXnsPEW6qRs1sd
Malware Config
Targets
-
-
Target
JaffaCakes118_e6c71130597fda963ac0528307de759f
-
Size
178KB
-
MD5
e6c71130597fda963ac0528307de759f
-
SHA1
1b39189db375112568a7ba703d070dd52593776b
-
SHA256
2bfa9bac08223b802bd1fcce56c8a8d0e2df609658c5e6c84f0910e7b12fa4fd
-
SHA512
f2803de602cc2cef0621ec75f6696c9ef79e24e5c62886c94a8c9868f3b285430d4db9304516d6190438af18edc229acd2ca99061799169ec04c07213d5f1346
-
SSDEEP
3072:hl4ke/fmNZuo0eMGuIA2i5KUU6bBfsxwRvqaz5OXLhblsBRFGGhNMhqRs1sjx:hle2ND0ebAGf6l0uTVOXnsPEW6qRs1sd
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-