General

  • Target

    e311ede0d963fbef24001f95ec0f1044

  • Size

    345KB

  • Sample

    231222-tb3g1acbdn

  • MD5

    e311ede0d963fbef24001f95ec0f1044

  • SHA1

    9053ee2e1042a5432b33ef248d592a1629e50201

  • SHA256

    7577f1250ffa10e8fd5c0331b205eb0abed2bec51b012502cd9995a96d89b4bd

  • SHA512

    be321d3c15fc60fc919e0f76eb556c59a3f9f34ea488e3a3f744505e1ddaf5d8dca49a0c3ad1a5f6d4f539f5c97b403dfb5613a7043f615da35423c2bafe36bc

  • SSDEEP

    6144:biX73lywOblLWnF9TwsqZecJrxC/hpbIYFIvVkDYCyeRpu:y73lTObQnF9qZeoxA7eVmY7eT

Malware Config

Extracted

Family

cryptbot

C2

rasqdc22.top

morsuq02.top

Targets

    • Target

      e311ede0d963fbef24001f95ec0f1044

    • CryptBot

      A C++ stealer widely distributed in bundles with other software.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
