General
-
Target
JaffaCakes118_6c45614f4b86ac9b6e6c2c177f090331
-
Size
206KB
-
Sample
250131-vqp1ws1rdy
-
MD5
6c45614f4b86ac9b6e6c2c177f090331
-
SHA1
bcd6c0dda5b70c0abde14f4a01139c7630ed7afb
-
SHA256
f339277fb4e1f35040584eb20143a7bf3fdb1f685703d5b0ffe4d2372c047af4
-
SHA512
e26e69a8490c48534121a4aa5caa29647ccf1ce893b5327268e2b27df8e760973271ceb83b30eb0131cea3872626450c5ebdc825d08861a4eb0fcf8acb532ae2
-
SSDEEP
3072:lNe1hc7vtDx/AvKTn5hZ5q35IDIQ8MBYh4EC/gDTvmHNbZLHwM+ET+vG3vTK:Xe1KFDxDTn5hZQ3sMv/mBRwMnBL
Malware Config
Targets
-
-
Target
JaffaCakes118_6c45614f4b86ac9b6e6c2c177f090331
-
Size
206KB
-
MD5
6c45614f4b86ac9b6e6c2c177f090331
-
SHA1
bcd6c0dda5b70c0abde14f4a01139c7630ed7afb
-
SHA256
f339277fb4e1f35040584eb20143a7bf3fdb1f685703d5b0ffe4d2372c047af4
-
SHA512
e26e69a8490c48534121a4aa5caa29647ccf1ce893b5327268e2b27df8e760973271ceb83b30eb0131cea3872626450c5ebdc825d08861a4eb0fcf8acb532ae2
-
SSDEEP
3072:lNe1hc7vtDx/AvKTn5hZ5q35IDIQ8MBYh4EC/gDTvmHNbZLHwM+ET+vG3vTK:Xe1KFDxDTn5hZQ3sMv/mBRwMnBL
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Modifies WinLogon for persistence
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-