General
-
Target
JaffaCakes118_38728d9907553634d48d7273063b11e2
-
Size
164KB
-
Sample
250126-xzazfa1qdk
-
MD5
38728d9907553634d48d7273063b11e2
-
SHA1
c91fda7d6e0c081c10a8e36f006ada0a24540ff3
-
SHA256
71e645fa6968a5308e315fff5cc17aaba73125b2161d5c9806aee68b8a95e8e5
-
SHA512
72ca8fd47a8896ca339415c45a3d0f2640d42f6eb4783e9fa8b2d7feda096a50465b6ffdc99955738c8cb2423eab829c38e09017ae92e660a5eff2857cb2e0ab
-
SSDEEP
3072:RUVFkahDKNON9Ls+u3PPRrih4eexeeuRC8F4eyFcKkMtIyzQfCiroDRPL:eFLJM5riRMUPCzcKhnzQKLD5L
Malware Config
Targets
-
-
Target
JaffaCakes118_38728d9907553634d48d7273063b11e2
-
Size
164KB
-
MD5
38728d9907553634d48d7273063b11e2
-
SHA1
c91fda7d6e0c081c10a8e36f006ada0a24540ff3
-
SHA256
71e645fa6968a5308e315fff5cc17aaba73125b2161d5c9806aee68b8a95e8e5
-
SHA512
72ca8fd47a8896ca339415c45a3d0f2640d42f6eb4783e9fa8b2d7feda096a50465b6ffdc99955738c8cb2423eab829c38e09017ae92e660a5eff2857cb2e0ab
-
SSDEEP
3072:RUVFkahDKNON9Ls+u3PPRrih4eexeeuRC8F4eyFcKkMtIyzQfCiroDRPL:eFLJM5riRMUPCzcKhnzQKLD5L
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-