cryptbot | 720ae9355ab33d0a10059da07c7af1722b5c53daa94950e8d5f01ba330951efb | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

720ae9355ab33d0a10059da07c7af1722b5c53daa94950e8d5f01ba330951efb
Size

367KB
Sample

211022-gjmejabbf7
MD5

d5f8480363477af877a9de9571311223
SHA1

fbee6ef8225637951bdb39f68a91701ba4d4d684
SHA256

720ae9355ab33d0a10059da07c7af1722b5c53daa94950e8d5f01ba330951efb
SHA512

43757b463f1217e2709ba6878b52923c24a475a4622018a0673e6c897a98a441696c3a8f5f4bf8e5485e679669d4d81169ff1e77887bc29da24c90783a49b325

Score

10^/10

cryptbot discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

720ae9355ab33d0a10059da07c7af1722b5c53daa94950e8d5f01ba330951efb.exe

Resource

win10-en-20211014

cryptbot discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

cryptbot

C2

veogmc52.top

mornoi05.top

Attributes

payload_url
http://tynwyl15.top/download.php?file=penwa.exe

Targets

- Target
  
  720ae9355ab33d0a10059da07c7af1722b5c53daa94950e8d5f01ba330951efb
- Size
  
  367KB
- MD5
  
  d5f8480363477af877a9de9571311223
- SHA1
  
  fbee6ef8225637951bdb39f68a91701ba4d4d684
- SHA256
  
  720ae9355ab33d0a10059da07c7af1722b5c53daa94950e8d5f01ba330951efb
- SHA512
  
  43757b463f1217e2709ba6878b52923c24a475a4622018a0673e6c897a98a441696c3a8f5f4bf8e5485e679669d4d81169ff1e77887bc29da24c90783a49b325
Score

10^/10

cryptbot discovery spyware stealer
- CryptBot
  A C++ stealer distributed widely in bundle with other software.
  spyware stealer cryptbot
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

cryptbotdiscoveryspywarestealer

© 2018-2024

Terms | Privacy