fcf7a9f612586c76b3597985dc5e2b79.exe

General

Target: fcf7a9f612586c76b3597985dc5e2b79.exe
Size: 637KB
Sample: 210330-3ctml3n9da
Score: 10/10
MD5: fcf7a9f612586c76b3597985dc5e2b79
SHA1: 4a75e27a1ed940a6f27f5f2bf316f7ebf95b0858
SHA256: 126f515316ff7d1be06266adcbbd565f18437b293b690765dcf55f500cb048e0
SHA512: 4b6d124d27599559f84eb340d3cd7cb577bb9ed6c86306d03c26e3c9a61f5a5a1d9b4e849305ab40cb2f79e3d23215c3081262c68bde4d028abed1bbe44719cb

Malware Config

Extracted

Family: cryptbot
C2: bavyf72.top, moriol07.top
Attributes:
  payload_url: http://akshj10.top/download.php?file=lv.exe

Signatures

  • CryptBot
    Description: A C++ stealer that is widely distributed bundled with other software.

  • CryptBot Payload

  • Reads user/profile data of web browsers
    Description: Infostealers often target stored browser data, which can include saved credentials and similar secrets.
    TTPs: Data from Local System; Credentials in Files

  • Accesses cryptocurrency files/wallets, possible credential harvesting
    TTPs: Data from Local System; Credentials in Files

  • Checks installed software on the system
    Description: Looks up Uninstall key entries in the registry to enumerate software installed on the system.
    TTPs: Query Registry

MITRE ATT&CK Matrix (tactic columns): Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks: static1, behavioral1 (score 10/10)