General
-
Target
JaffaCakes118_1e8a3386fd870d5d76dd7b06fe9786b7
-
Size
168KB
-
Sample
250124-gmd8bstjgw
-
MD5
1e8a3386fd870d5d76dd7b06fe9786b7
-
SHA1
74cde0a331633a99b3549a8edc1b006360da67d9
-
SHA256
12c2ef3e3dd062923135bb03f7487f8429811cb748f98822d303a1a87fb13592
-
SHA512
578e22867cb9ee907f3236d8e52a43a53f276cf664cb7ed7a5b6ef0deb2961a0045d2597d65243970daa580919d87e45bb05f43392fdccfe992ff524318e175f
-
SSDEEP
3072:AqU/dvWKBwW3dU1iJhl45OoaVGjNjGT4k8PLV1q5dSqtF6V8a8ORnC0:QVvj33kiJhlNNVGjATULVQ3SYMd82Z
Malware Config
Targets
-
-
Target
JaffaCakes118_1e8a3386fd870d5d76dd7b06fe9786b7
-
Size
168KB
-
MD5
1e8a3386fd870d5d76dd7b06fe9786b7
-
SHA1
74cde0a331633a99b3549a8edc1b006360da67d9
-
SHA256
12c2ef3e3dd062923135bb03f7487f8429811cb748f98822d303a1a87fb13592
-
SHA512
578e22867cb9ee907f3236d8e52a43a53f276cf664cb7ed7a5b6ef0deb2961a0045d2597d65243970daa580919d87e45bb05f43392fdccfe992ff524318e175f
-
SSDEEP
3072:AqU/dvWKBwW3dU1iJhl45OoaVGjNjGT4k8PLV1q5dSqtF6V8a8ORnC0:QVvj33kiJhlNNVGjATULVQ3SYMd82Z
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-