General
-
Target
JaffaCakes118_63102bad40a538e1c160ee2ce30b446b
-
Size
164KB
-
Sample
250130-qesv7a1rfy
-
MD5
63102bad40a538e1c160ee2ce30b446b
-
SHA1
79b77b361b73cd16a7fe5dc3c57d708e3af4d370
-
SHA256
961f2cec351ae2807a45354309ec54ceeb74c44e8615ec5f01f4c7e30d85d055
-
SHA512
4f68e4c44f66200366e7522b4df6190347d98b73bced99ceb8d37dcd98153986e2faedcf0692b356fab0ee8daed7667a4029e997554af742288d7c6d8bc7bc3a
-
SSDEEP
3072:NMSGyet1WiKIRNrGVRM7QOak3Xf0ICZ5Js06VuX4+Bg+hUpZt3PNGy4Ql3+:NIP1Wi5R2RM/an5KItBqXF8/V
Malware Config
Targets
-
-
Target
JaffaCakes118_63102bad40a538e1c160ee2ce30b446b
-
Size
164KB
-
MD5
63102bad40a538e1c160ee2ce30b446b
-
SHA1
79b77b361b73cd16a7fe5dc3c57d708e3af4d370
-
SHA256
961f2cec351ae2807a45354309ec54ceeb74c44e8615ec5f01f4c7e30d85d055
-
SHA512
4f68e4c44f66200366e7522b4df6190347d98b73bced99ceb8d37dcd98153986e2faedcf0692b356fab0ee8daed7667a4029e997554af742288d7c6d8bc7bc3a
-
SSDEEP
3072:NMSGyet1WiKIRNrGVRM7QOak3Xf0ICZ5Js06VuX4+Bg+hUpZt3PNGy4Ql3+:NIP1Wi5R2RM/an5KItBqXF8/V
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-