98a3d9f0f4656c52ec828bb1105a5482.exe

General

Target: 98a3d9f0f4656c52ec828bb1105a5482.exe
Size: 694KB
Sample: 210330-pqcfmgrztn
Score: 10/10
MD5: 98a3d9f0f4656c52ec828bb1105a5482
SHA1: e466a2c0c971a964890f9df38e65cee1b879fe36
SHA256: d2116546b067294f8673d0f68ab47af0d86a412537dde8c0e6386ba08a909dd6
SHA512: 451deb05623375f23ae349e896c244cb8aaffa717b6f2a146f95b007d7ac6dada83193f9317c1560f4c045cf7521b6ce988a789f7e5a78a50bc40df76a26490f

Malware Config

Extracted

Family: cryptbot
C2:
  cinbcp22.top
  morwze02.top

Attributes
payload_url: http://binasd03.top/download.php?file=lv.exe
Targets
Target: 98a3d9f0f4656c52ec828bb1105a5482.exe

Signatures

  • CryptBot

    Description

    A C++ stealer widely distributed in bundles with other software.

  • CryptBot Payload

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    TTPs

    Data from Local System, Credentials in Files

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    TTPs

    Data from Local System, Credentials in Files

  • Checks installed software on the system

    Description

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    TTPs

    Query Registry

MITRE ATT&CK Matrix

Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1

behavioral1

10/10