General
-
Target
JaffaCakes118_48424d61bbe95463813d519028f55816
-
Size
184KB
-
Sample
250128-h4tvsa1rhj
-
MD5
48424d61bbe95463813d519028f55816
-
SHA1
99b2cf21e7ad98dbee855347db5e88b04691e2f6
-
SHA256
b1d5250f9238e7a26eda172a27a5e8d783b2fbf992631a1c42be72a976ef5af3
-
SHA512
a64662c0617aae47358272a2b14a665ca16985f73253bb72efff7a10d40f0561061205b9786056a518f59d7d1252788c51c7746086f38d9242189a27ecb349d5
-
SSDEEP
3072:0f3ZM5kiCeDxS7txhF7BiOk+5cOWAuEJONr3lsT6O8vaUO/NwbX850pMIWqojEW:6pM5kuSJxhdBiOk+5cOvJOR46O8v5Zit
Malware Config
Targets
-
-
Target
JaffaCakes118_48424d61bbe95463813d519028f55816
-
Size
184KB
-
MD5
48424d61bbe95463813d519028f55816
-
SHA1
99b2cf21e7ad98dbee855347db5e88b04691e2f6
-
SHA256
b1d5250f9238e7a26eda172a27a5e8d783b2fbf992631a1c42be72a976ef5af3
-
SHA512
a64662c0617aae47358272a2b14a665ca16985f73253bb72efff7a10d40f0561061205b9786056a518f59d7d1252788c51c7746086f38d9242189a27ecb349d5
-
SSDEEP
3072:0f3ZM5kiCeDxS7txhF7BiOk+5cOWAuEJONr3lsT6O8vaUO/NwbX850pMIWqojEW:6pM5kuSJxhdBiOk+5cOvJOR46O8v5Zit
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-