General
-
Target
JaffaCakes118_52cab382c53b6b75d9e279760db6e04d
-
Size
172KB
-
Sample
250129-e833gatqer
-
MD5
52cab382c53b6b75d9e279760db6e04d
-
SHA1
27c39ae79affa010bcd231ea403f66d6a8714658
-
SHA256
6e2e612f9370c783e1530a334c3ed7a4fa3c3aeb51c06a0354ad82cf95e3c616
-
SHA512
e30275c790c4aafebc427163d496f12f07be38e692e8da6b1a2494126dea8a4cfb4a4550323cbc103670daed2c31479fb8eb49e8e29be6d5392f6f5dfda559e2
-
SSDEEP
3072:GTDe1ALKu5G16xm7NI+inhd3x480mXjodBVCPbmVdP+Agiid1Rg9zJIHJDrWVtw6:MDe141xaohRx48sYPb2dGsqkzKHJkw6
Malware Config
Targets
-
-
Target
JaffaCakes118_52cab382c53b6b75d9e279760db6e04d
-
Size
172KB
-
MD5
52cab382c53b6b75d9e279760db6e04d
-
SHA1
27c39ae79affa010bcd231ea403f66d6a8714658
-
SHA256
6e2e612f9370c783e1530a334c3ed7a4fa3c3aeb51c06a0354ad82cf95e3c616
-
SHA512
e30275c790c4aafebc427163d496f12f07be38e692e8da6b1a2494126dea8a4cfb4a4550323cbc103670daed2c31479fb8eb49e8e29be6d5392f6f5dfda559e2
-
SSDEEP
3072:GTDe1ALKu5G16xm7NI+inhd3x480mXjodBVCPbmVdP+Agiid1Rg9zJIHJDrWVtw6:MDe141xaohRx48sYPb2dGsqkzKHJkw6
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-