General
-
Target
JaffaCakes118_4050f3601ab7931a0f6db2262ecb25a9
-
Size
165KB
-
Sample
250127-reda6sspal
-
MD5
4050f3601ab7931a0f6db2262ecb25a9
-
SHA1
aea77ad2a71dea57b06d824ab8617149e2d1edcc
-
SHA256
cd705b00962c246a2513eebce6e3c6b50aed5b3576569006d362a3f16e5b10ea
-
SHA512
1d1ce6495680eb604873297f515f163e9c9145451552158bd897968eab3094e3b8b8ea46e974a15b28b11e9f82a7f64f8569d2c0720d00f30f5a69e140fe2507
-
SSDEEP
3072:hMMbRiYder+FnuJ2PaCZwXPlbPXHVO2oBvQ6xNDCnz1dShLeA184Uum9xVp:hzb0Yd+3Ehih1PoBI6HDw11A184UTxV
Malware Config
Targets
-
-
Target
JaffaCakes118_4050f3601ab7931a0f6db2262ecb25a9
-
Size
165KB
-
MD5
4050f3601ab7931a0f6db2262ecb25a9
-
SHA1
aea77ad2a71dea57b06d824ab8617149e2d1edcc
-
SHA256
cd705b00962c246a2513eebce6e3c6b50aed5b3576569006d362a3f16e5b10ea
-
SHA512
1d1ce6495680eb604873297f515f163e9c9145451552158bd897968eab3094e3b8b8ea46e974a15b28b11e9f82a7f64f8569d2c0720d00f30f5a69e140fe2507
-
SSDEEP
3072:hMMbRiYder+FnuJ2PaCZwXPlbPXHVO2oBvQ6xNDCnz1dShLeA184Uum9xVp:hzb0Yd+3Ehih1PoBI6HDw11A184UTxV
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-