General
-
Target
setupfile.exe
-
Size
304MB
-
Sample
230703-p4zjlahg5v
-
MD5
c791dba7aca6e2be93d2d2cc092596ce
-
SHA1
f669ea5bd172f06cb9590dd1a6d5d787fd5690a3
-
SHA256
83330692f4b29fa638c5d3b39a3c7c01c6551df1f49da57b507ca81a4649b758
-
SHA512
ca66c84dac07085bb1c3d8f066ac73a789f13c512216f69380d30c78f938907be1c76ce08822a959141a72608ebfe3adcf7e01cefebddec217833adc3d1d7a65
-
SSDEEP
196608:tIxCTCcvjuk+IGhQ1i2MoJcXA0QvQaT0u5S:tkCTCcruk+RqQ2Vul6QaAu5S
Static task
static1
Behavioral task
behavioral1
Sample
setupfile.exe
Resource
win7-20230621-en
Malware Config
Extracted
cryptbot
http://olsylu55.top/gate.php
Targets
-
-
Target
setupfile.exe
-
Executes dropped EXE
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-