General
Target
1e6653fa18c5b8affdc07d9a7fbf42cd
Size
1.7MB
Sample
231225-a8yqjadher
MD5
1e6653fa18c5b8affdc07d9a7fbf42cd
SHA1
51b960fd1eba4b6050033053f17b5bcde20d5606
SHA256
82eaf08eae8ac7a604df7ac0a74ef0ea4749cc9aac6d6d3d9bd562d85918ec55
SHA512
b81f9cc6f5ef6e2f6f3a6d91da528f9fbf8392e388c869be2bb9fca342adf5045050ad6c9b13f37ae823dc2ef5e05a3cba8b6520098cdda9cc1172e7d6a75690
SSDEEP
49152:OKRmflmqch6ykkltzEA3eFwipABVEVt3JuNOXiIyGp:ODm7blPzEA3k6E73EIyG
Static task
static1
Behavioral task
behavioral1
Sample
1e6653fa18c5b8affdc07d9a7fbf42cd.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
1e6653fa18c5b8affdc07d9a7fbf42cd.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
cryptbot
smainz71.top
moriwi07.top
payload_url
http://guruzo10.top/download.php?file=lv.exe
Targets
Target
1e6653fa18c5b8affdc07d9a7fbf42cd
Score
10/10
CryptBot payload
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.