General
-
Target
JaffaCakes118_48610ac16ade33cf81880524b81bcd60
-
Size
176KB
-
Sample
250128-jcg8caskgn
-
MD5
48610ac16ade33cf81880524b81bcd60
-
SHA1
df055481f165e0ab119facdfe68ea0335f81d706
-
SHA256
e22eeb0c3412f59295fbb4381705bbbfc96fe36e6d121fa38f73460c99df270f
-
SHA512
29f36828a0483e7097d6ba92c89975bf11bf06bdec6506dbe87786a6f1bd3977adbdf8bb76943a5cd4dc6dc44554747590d58ee57bd19b271099b9a99aaec2d8
-
SSDEEP
3072:JCHTWq+uy700dQAkxQlEiVW8daF9BbaTQg76u9otniuBdlXN+BRGH:kTWq+T7ldKOW8U99azSniuBh+bGH
Malware Config
Targets
-
-
Target
JaffaCakes118_48610ac16ade33cf81880524b81bcd60
-
Size
176KB
-
MD5
48610ac16ade33cf81880524b81bcd60
-
SHA1
df055481f165e0ab119facdfe68ea0335f81d706
-
SHA256
e22eeb0c3412f59295fbb4381705bbbfc96fe36e6d121fa38f73460c99df270f
-
SHA512
29f36828a0483e7097d6ba92c89975bf11bf06bdec6506dbe87786a6f1bd3977adbdf8bb76943a5cd4dc6dc44554747590d58ee57bd19b271099b9a99aaec2d8
-
SSDEEP
3072:JCHTWq+uy700dQAkxQlEiVW8daF9BbaTQg76u9otniuBdlXN+BRGH:kTWq+T7ldKOW8U99azSniuBh+bGH
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-