General
Target: 4f50cf39b0256b79367090cc533779fc
Size: 663KB
Sample: 240110-cqvbhabhdr
MD5: 4f50cf39b0256b79367090cc533779fc
SHA1: c58c5148729bf780c4e9393bcbeb24bf0204d0da
SHA256: 11f1b6976617dd9180c13e3605183f58ef4ddcf3c93a41ec43c1dbf03cf1e9f1
SHA512: f2353e75441e93fa8faf782eaaced021cff74ed918b0403a15f8e919053e1cd6a332b2a497db44ab39de5f644dc1baf35ac19c13d8eb717bfc00376dca871075
SSDEEP: 12288:NgW9ndfZJ29rtCnMc+yX00dCfTBhpK7ohHliqQozxp9vXYYzwHdlaD4EMt:NfU9rtCnpTATjkUhFiqQc9vojHPa0EO
Static task: static1
Behavioral task: behavioral1
Sample: 4f50cf39b0256b79367090cc533779fc.exe
Resource: win7-20231215-en
Malware Config
Extracted
cryptbot
ewaymo21.top
morzup02.top
payload_url: http://winqoz02.top/download.php?file=lv.exe
Targets
CryptBot payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.