General
-
Target
JaffaCakes118_5b15d0b8b84ff551f1bfe01ae13185c2
-
Size
164KB
-
Sample
250129-y85qvaymet
-
MD5
5b15d0b8b84ff551f1bfe01ae13185c2
-
SHA1
218cd8fb0c65059f0cf14c8e49055120c1798835
-
SHA256
64b304dfc73f994fa741060a66dc9ce5dceced68d36f604782006de093dab90a
-
SHA512
18c8a1910c67deff9ca6409c3bc4e1c567afe0d6b49d1058efd5e6ef340c4fffd6778454c63c021f092aa2fbed2b41cc84ed47ffd694e67d9fa91e9cb4fd6f1c
-
SSDEEP
3072:E2mEMBnspASCSUYSjz6oBiVqbEWXv1LLNSg/X6e1e1yqPihEvfB5/Qxq+NMRwczt:ENBspSSUYDoBiUEqHdX6Sexiwv/gq2Mx
Malware Config
Targets
-
-
Target
JaffaCakes118_5b15d0b8b84ff551f1bfe01ae13185c2
-
Size
164KB
-
MD5
5b15d0b8b84ff551f1bfe01ae13185c2
-
SHA1
218cd8fb0c65059f0cf14c8e49055120c1798835
-
SHA256
64b304dfc73f994fa741060a66dc9ce5dceced68d36f604782006de093dab90a
-
SHA512
18c8a1910c67deff9ca6409c3bc4e1c567afe0d6b49d1058efd5e6ef340c4fffd6778454c63c021f092aa2fbed2b41cc84ed47ffd694e67d9fa91e9cb4fd6f1c
-
SSDEEP
3072:E2mEMBnspASCSUYSjz6oBiVqbEWXv1LLNSg/X6e1e1yqPihEvfB5/Qxq+NMRwczt:ENBspSSUYDoBiUEqHdX6Sexiwv/gq2Mx
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-