General
-
Target
JaffaCakes118_69436a95d9e12c6c5b67c51bce071539
-
Size
172KB
-
Sample
250131-mczdeavnbk
-
MD5
69436a95d9e12c6c5b67c51bce071539
-
SHA1
ae183cad978d41b2423c8a66ca95895295d7d837
-
SHA256
4a48287a6119abd0bc3cd681a10a1a59caae84a07d41741b1b40540310472754
-
SHA512
d13caf3011695efa075763e842ff004649c3c151dd888385630bd2448c730a7dc3ffb97c6a32ae8b13a773f2eec52bd91be212dbaf136baaae2db39408c77134
-
SSDEEP
3072:O5j5iPxhLT3lemGR8HtQ5Av6yEBVQi547aZfnvtTH6oXSXJzhUdWRC9BXGQXeLni:O7iPxhLT1HGee7VQi5VvVzohhUdwC9xd
Malware Config
Targets
-
-
Target
JaffaCakes118_69436a95d9e12c6c5b67c51bce071539
-
Size
172KB
-
MD5
69436a95d9e12c6c5b67c51bce071539
-
SHA1
ae183cad978d41b2423c8a66ca95895295d7d837
-
SHA256
4a48287a6119abd0bc3cd681a10a1a59caae84a07d41741b1b40540310472754
-
SHA512
d13caf3011695efa075763e842ff004649c3c151dd888385630bd2448c730a7dc3ffb97c6a32ae8b13a773f2eec52bd91be212dbaf136baaae2db39408c77134
-
SSDEEP
3072:O5j5iPxhLT3lemGR8HtQ5Av6yEBVQi547aZfnvtTH6oXSXJzhUdWRC9BXGQXeLni:O7iPxhLT1HGee7VQi5VvVzohhUdwC9xd
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-