General
-
Target
JaffaCakes118_013adad2d639fb3845e0409196d4a373
-
Size
168KB
-
Sample
250121-b8zs9szncl
-
MD5
013adad2d639fb3845e0409196d4a373
-
SHA1
37e5ca3cd3507fdcfdcce1eff289b28f079eabf6
-
SHA256
c32b419d78a2d93e837db74d4c12b8e95896f0b1fc1dd431580963c618c20d29
-
SHA512
4b5cefcab43c1b9bbb0ab624aa7f6518309270071dabcbc8dd6602397d6e8bd5bef7c6e7cae083170d6d976fd9f16457afe33d56e4fee3ada18c9f8466554c62
-
SSDEEP
3072:fJLPiUc6ouhSB2x0mwbXw5xiuixOwOYF/9lVNxw0U1K2rKlmi/m5qHIR:f1KUcSyZuixaYF/Lxw0U82rweQIR
Malware Config
Targets
-
-
Target
JaffaCakes118_013adad2d639fb3845e0409196d4a373
-
Size
168KB
-
MD5
013adad2d639fb3845e0409196d4a373
-
SHA1
37e5ca3cd3507fdcfdcce1eff289b28f079eabf6
-
SHA256
c32b419d78a2d93e837db74d4c12b8e95896f0b1fc1dd431580963c618c20d29
-
SHA512
4b5cefcab43c1b9bbb0ab624aa7f6518309270071dabcbc8dd6602397d6e8bd5bef7c6e7cae083170d6d976fd9f16457afe33d56e4fee3ada18c9f8466554c62
-
SSDEEP
3072:fJLPiUc6ouhSB2x0mwbXw5xiuixOwOYF/9lVNxw0U1K2rKlmi/m5qHIR:f1KUcSyZuixaYF/Lxw0U82rweQIR
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-