Analysis
max time kernel: 121s
max time network: 124s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 20-01-2024 01:23
Static task
static1: 1 signature
Behavioral task
behavioral1
Sample: 6920aa5adac327d0b77bcbcf2c105098.exe
Resource: win7-20231215-en
2 signatures
150 seconds
General
Target: 6920aa5adac327d0b77bcbcf2c105098.exe
Size: 701KB
MD5: 6920aa5adac327d0b77bcbcf2c105098
SHA1: 750a44564b2a4f5199c3be46183ea7ed12215f29
SHA256: b937f9098ea56ff4120f21634aaf765cd11f62950cbcf1f4727cc673785a9560
SHA512: 1257bea8df52390bc0a158eabb1a931340fefc18161884d4901ccc2a836d818ffe766850e23311885fdae315a7245303a35eb0970868506bb245fc92c6bb2aad
SSDEEP: 12288:u6i7jDNvrm737MOxTAc2NT0c7C4S5JfsZmjb2c36kMtEcZua+rCR8/6Pdfr84elm:zYvkz7Fm07Cwb2cjMScZua+rCR8aIXov
Malware Config
Extracted
Family: cryptbot
C2:
fokuti41.top
morwiv04.top
Attributes
payload_url: http://nybyoi06.top/download.php?file=lv.exe
Signatures
Checks processor information in registry (2 TTPs, 2 IoCs)
Processor information is often read in order to detect sandboxing environments.
Processes:
6920aa5adac327d0b77bcbcf2c105098.exe
description | ioc | process
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | 6920aa5adac327d0b77bcbcf2c105098.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | 6920aa5adac327d0b77bcbcf2c105098.exe