General
-
Target
JaffaCakes118_1436ccff26389a594fd0cd58f1e79258
-
Size
178KB
-
Sample
250123-gg3czawqcj
-
MD5
1436ccff26389a594fd0cd58f1e79258
-
SHA1
b1030abc4976e50882b541f75fe53e8a6a58d534
-
SHA256
ca0233df7c6ebc80947f05e9735dde10bbee1adf9fcda2d09b7c6284693e08b9
-
SHA512
582b6aeb449b5ca3e284e30f2a0b036c528eba9438259c2d04206c1bbaaf7c0bde6297396a11a95b85159b046a6649f4f07087c63197194ae7aa118d21674a92
-
SSDEEP
3072:wh9h9L//5SseRsWfUaKj1JSOwxsIeTTpkMW/3Up7HLXYWcxDnaoJB+n:whNL/BSse6aO1JNGrHM0m0WcxDnpJ8
Malware Config
Targets
-
-
Target
JaffaCakes118_1436ccff26389a594fd0cd58f1e79258
-
Size
178KB
-
MD5
1436ccff26389a594fd0cd58f1e79258
-
SHA1
b1030abc4976e50882b541f75fe53e8a6a58d534
-
SHA256
ca0233df7c6ebc80947f05e9735dde10bbee1adf9fcda2d09b7c6284693e08b9
-
SHA512
582b6aeb449b5ca3e284e30f2a0b036c528eba9438259c2d04206c1bbaaf7c0bde6297396a11a95b85159b046a6649f4f07087c63197194ae7aa118d21674a92
-
SSDEEP
3072:wh9h9L//5SseRsWfUaKj1JSOwxsIeTTpkMW/3Up7HLXYWcxDnaoJB+n:whNL/BSse6aO1JNGrHM0m0WcxDnpJ8
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-