General
-
Target
24e43fbe7752e30765786d4b49a489ae15d0543b00cb049f13388142cb45cc42.bin
-
Size
1.9MB
-
Sample
210527-ar62acaq4a
-
MD5
abd35d575a95891bac53ec57e8d33ccd
-
SHA1
78078d9d1c867fca632ccac4fec5bfc65230f1ab
-
SHA256
24e43fbe7752e30765786d4b49a489ae15d0543b00cb049f13388142cb45cc42
-
SHA512
6036f6ad53f5b525f7ff2f48d1924d63fcac520dcfd57bba8288317e7bdd8c75470a2f050b16483e62143ac5090a7250e56b0030e89d7279d9b1998122429bd3
Malware Config
Targets
-
-
Target
24e43fbe7752e30765786d4b49a489ae15d0543b00cb049f13388142cb45cc42.bin
-
Size
1.9MB
-
MD5
abd35d575a95891bac53ec57e8d33ccd
-
SHA1
78078d9d1c867fca632ccac4fec5bfc65230f1ab
-
SHA256
24e43fbe7752e30765786d4b49a489ae15d0543b00cb049f13388142cb45cc42
-
SHA512
6036f6ad53f5b525f7ff2f48d1924d63fcac520dcfd57bba8288317e7bdd8c75470a2f050b16483e62143ac5090a7250e56b0030e89d7279d9b1998122429bd3
Score10/10-
CryptBot
A C++ stealer distributed widely in bundle with other software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-