General
-
Target
JaffaCakes118_6e7cc9d832b8e4dda93784898e96191d
-
Size
172KB
-
Sample
250131-2gyd8syna1
-
MD5
6e7cc9d832b8e4dda93784898e96191d
-
SHA1
a8b3bd573fb29e13bfeb6988a322a520591874d0
-
SHA256
dd5a4fdea9fa94e6535803867990352151b51f3d9716be66be8282382e4bb3c9
-
SHA512
4ef75f30770e3c4078b61ffbce0f4032654352155cc9f96a20f5d587a004a17899628bc9ee30a649b0dd1753025b7a72ff378aa1515cc9d5c92a7080f731b0ac
-
SSDEEP
3072:VOVje/W2l0W1JZMwspmwwvjRaoq+0z0iIdCMCuqm0cAWoXAaGTVZQDghQqsZitRx:VOVjeO21Jitmxq50/djFpoQaGLtsZitb
Malware Config
Targets
-
-
Target
JaffaCakes118_6e7cc9d832b8e4dda93784898e96191d
-
Size
172KB
-
MD5
6e7cc9d832b8e4dda93784898e96191d
-
SHA1
a8b3bd573fb29e13bfeb6988a322a520591874d0
-
SHA256
dd5a4fdea9fa94e6535803867990352151b51f3d9716be66be8282382e4bb3c9
-
SHA512
4ef75f30770e3c4078b61ffbce0f4032654352155cc9f96a20f5d587a004a17899628bc9ee30a649b0dd1753025b7a72ff378aa1515cc9d5c92a7080f731b0ac
-
SSDEEP
3072:VOVje/W2l0W1JZMwspmwwvjRaoq+0z0iIdCMCuqm0cAWoXAaGTVZQDghQqsZitRx:VOVjeO21Jitmxq50/djFpoQaGLtsZitb
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-