Analysis

  • max time kernel
    148s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    21-01-2024 19:12

General

  • Target

    CrybtBot Sealer Unpacked.bin.exe

  • Size

    280KB

  • MD5

    681457fa460dff885eef657f166d5ef8

  • SHA1

    44cac83393e0d6d083f0f2ae064090e2478f715b

  • SHA256

    381333799197cdf21b4d12d9ce83587673c52b336547a5425bbd9c69bba00d5f

  • SHA512

    369d299957327e6260f636933756054a0cd6ca78c4e585544aaac56c87fc6da8c9140e0ab0db51c601c06b95566ffa75d1f9699bc53369994eb0ab6d19eb2180

  • SSDEEP

    6144:s068sLPlQBdpbFl37RYeuFAeQKWQcAfoOGCR/4jTHazM80WLXTT9Bvl:s068sLPlQBdpbFl3l0FAepWQcMdu+Ymt

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\CrybtBot Sealer Unpacked.bin.exe
    "C:\Users\Admin\AppData\Local\Temp\CrybtBot Sealer Unpacked.bin.exe"
    • Checks processor information in registry
    PID:3748

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\NvaNCqgFga\_Files\_Information.txt

    Filesize

    1KB

  • C:\Users\Admin\AppData\Local\Temp\NvaNCqgFga\_Files\_Information.txt

    Filesize

    3KB

  • C:\Users\Admin\AppData\Local\Temp\NvaNCqgFga\_Files\_Information.txt

    Filesize

    4KB

  • C:\Users\Admin\AppData\Local\Temp\NvaNCqgFga\_Files\_Screen_Desktop.jpeg

    Filesize

    50KB

  • C:\Users\Admin\AppData\Local\Temp\NvaNCqgFga\fQHWEqvBULV.zip

    Filesize

    44KB
