General
-
Target
1f120fd25fab993921ed77aae2adee48e3299d5cfff53f12574a8b5caf687b20N.exe
-
Size
165KB
-
Sample
250122-xvqjbs1jfx
-
MD5
a6f0d419ee603cbd8dfc1294ee995040
-
SHA1
98d0a8022f8cef14fa28a5071027201a1f27de89
-
SHA256
1f120fd25fab993921ed77aae2adee48e3299d5cfff53f12574a8b5caf687b20
-
SHA512
864fca6f6c67e270f732dd99534f773672127e16dbbe010a1391b2fa5e9594433b91d7a988381f2d74d9f1335c725e3577a443b4fd1323436afe12a12c530eab
-
SSDEEP
3072:5iEEum9D4z1AUW/UM07G/zzNc08xqNuAFDCyuaDn7No2BuRaYEszmnws1:5Guz1AUQUh7Grm0tNusCZ+u2Bm9gnw
Malware Config
Targets
-
-
Target
1f120fd25fab993921ed77aae2adee48e3299d5cfff53f12574a8b5caf687b20N.exe
-
Size
165KB
-
MD5
a6f0d419ee603cbd8dfc1294ee995040
-
SHA1
98d0a8022f8cef14fa28a5071027201a1f27de89
-
SHA256
1f120fd25fab993921ed77aae2adee48e3299d5cfff53f12574a8b5caf687b20
-
SHA512
864fca6f6c67e270f732dd99534f773672127e16dbbe010a1391b2fa5e9594433b91d7a988381f2d74d9f1335c725e3577a443b4fd1323436afe12a12c530eab
-
SSDEEP
3072:5iEEum9D4z1AUW/UM07G/zzNc08xqNuAFDCyuaDn7No2BuRaYEszmnws1:5Guz1AUQUh7Grm0tNusCZ+u2Bm9gnw
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-