General
-
Target
JaffaCakes118_2c41a67dc2be1ae16922554c8158503c
-
Size
162KB
-
Sample
250125-q4gjfsxjcq
-
MD5
2c41a67dc2be1ae16922554c8158503c
-
SHA1
88c6fea0d36f3736912c7d52f9b2c2a7eadddc49
-
SHA256
c36ea273277eecbd3b7a10ff1119f2b263fd2d3661f71ed4e862d860f3cb9269
-
SHA512
da673002c2c301415c1bb10bc0eaf7636e81e4ebb61d693488decf1d562848847e69a54172255e592c853025e42de301e2ba2c7ca34963a4ecc5007d43ab0033
-
SSDEEP
3072:8EYoB389mSoOGQwaW0JtDAHjWbITjWIkKTRDjPROYDLmB7Aciq18FL4Y/xoesluU:BMRfGaWIDACbeCIFvPROAa5Aciq1k8cc
Malware Config
Targets
-
-
Target
JaffaCakes118_2c41a67dc2be1ae16922554c8158503c
-
Size
162KB
-
MD5
2c41a67dc2be1ae16922554c8158503c
-
SHA1
88c6fea0d36f3736912c7d52f9b2c2a7eadddc49
-
SHA256
c36ea273277eecbd3b7a10ff1119f2b263fd2d3661f71ed4e862d860f3cb9269
-
SHA512
da673002c2c301415c1bb10bc0eaf7636e81e4ebb61d693488decf1d562848847e69a54172255e592c853025e42de301e2ba2c7ca34963a4ecc5007d43ab0033
-
SSDEEP
3072:8EYoB389mSoOGQwaW0JtDAHjWbITjWIkKTRDjPROYDLmB7Aciq18FL4Y/xoesluU:BMRfGaWIDACbeCIFvPROAa5Aciq1k8cc
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-