General

  • Target

    6f25a0962565b1974bedce661c201529

  • Size

    706KB

  • Sample

    240122-jxbajabgfm

  • MD5

    6f25a0962565b1974bedce661c201529

  • SHA1

    6a15e67dc15ea4603376d465e03dba4dab229f6a

  • SHA256

    89425ed57b370731f3eb964d7d2bfce74b8e9e4be1be23ad76990c2d3da93579

  • SHA512

    75a6d5533f6a23a0a42e43a2c3c66673ffa0d17156f070c044ce959a8b8f35023173a7c03089ac4d371d078edba5e5cef693db97423faeba0f52cc7d5972e5d6

  • SSDEEP

    12288:tt8TopznXPq9thtx1nFMWS9Ov2GIVBh4W0TIu2FHsucoQHerza:JdXPq9drwn/u2FBcoQHqz

Malware Config

Targets

    • CryptBot

      A C++ information stealer that is widely distributed bundled with other software.

    • CryptBot payload

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
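
The three behavioural signatures listed above (browser profile reads, wallet access, enumeration of the registry Uninstall key) can be reproduced from a sandbox's file and registry event trace. The script below is an added example, not code from this report or from the sandbox's own signature engine. It assumes a simplified Procmon-style `pid,process,operation,path` trace; the trace embedded in it is constructed for illustration and is not the event log of this sample. It also handles two cases that naive path matching gets wrong: a browser reading its own profile, and a single Uninstall lookup (which Explorer and installers do routinely) as opposed to listing the whole key.

```python
import re
from collections import defaultdict
from dataclasses import dataclass

# Constructed sample trace (NOT events recorded from the real sample).
SAMPLE_TRACE = r"""
4120,sample.exe,RegEnumKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
4120,sample.exe,RegEnumKey,HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall
4120,sample.exe,RegQueryValue,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ExampleProduct}\DisplayName
4120,sample.exe,ReadFile,C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data
4120,sample.exe,ReadFile,C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Web Data
4120,sample.exe,ReadFile,C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\abcd.default\logins.json
4120,sample.exe,ReadFile,C:\Users\victim\AppData\Roaming\Electrum\wallets\default_wallet
4120,sample.exe,ReadFile,C:\Users\victim\AppData\Roaming\Exodus\exodus.wallet\seed.seco
1188,explorer.exe,RegQueryValue,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ExampleProduct}\DisplayName
3004,chrome.exe,ReadFile,C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data
"""

# Uninstall key: group(1) is the product subkey when one is addressed, None when
# the event targets the key itself (i.e. an enumeration of everything installed).
UNINSTALL_KEY = re.compile(r"\\CurrentVersion\\Uninstall(?:\\([^\\]+))?", re.I)
# Browser profile files that hold credentials, cookies and autofill data.
BROWSER_ARTIFACTS = re.compile(
    r"\\(?:Login Data|Web Data|Cookies|Local State|logins\.json|key4\.db)$", re.I)
# Wallet directories/files of common desktop cryptocurrency clients.
WALLET_ARTIFACTS = re.compile(
    r"\\(?:Electrum|Exodus|Ethereum\\keystore|Ledger Live|Bitcoin)\\|\\wallet\.dat$", re.I)
# A browser touching its own profile directory is expected, not a signature hit.
BROWSER_OWNERS = {
    "chrome.exe": r"\\Google\\Chrome\\",
    "msedge.exe": r"\\Microsoft\\Edge\\",
    "firefox.exe": r"\\Mozilla\\Firefox\\",
}


@dataclass(frozen=True)
class Event:
    pid: int
    process: str
    op: str
    path: str


def parse_trace(text):
    """Parse 'pid,process,op,path' lines; the path may itself contain commas."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        pid, process, op, path = line.split(",", 3)
        events.append(Event(int(pid), process.lower(), op, path))
    return events


def classify(events, min_uninstall_entries=3):
    """Map (pid, process) -> sorted list of behavioural signature names."""
    hits = defaultdict(set)
    uninstall_entries = defaultdict(set)  # product subkeys queried per process
    for ev in events:
        key = (ev.pid, ev.process)
        m = UNINSTALL_KEY.search(ev.path)
        if m and ev.op.startswith("Reg"):
            if m.group(1) is None and ev.op == "RegEnumKey":
                hits[key].add("checks_installed_software")  # lists the whole key
            elif m.group(1):
                uninstall_entries[key].add(m.group(1).lower())
            continue
        if BROWSER_ARTIFACTS.search(ev.path):
            owner = BROWSER_OWNERS.get(ev.process)
            if owner and re.search(owner, ev.path, re.I):
                continue  # the browser reading its own profile
            hits[key].add("reads_browser_profile_data")
            continue
        if WALLET_ARTIFACTS.search(ev.path):
            hits[key].add("accesses_crypto_wallets")
    # Many distinct product lookups also amount to an inventory of installed software.
    for key, subkeys in uninstall_entries.items():
        if len(subkeys) >= min_uninstall_entries:
            hits[key].add("checks_installed_software")
    return {key: sorted(sigs) for key, sigs in hits.items()}


if __name__ == "__main__":
    for (pid, process), sigs in classify(parse_trace(SAMPLE_TRACE)).items():
        print(f"{process} (pid {pid}): {', '.join(sigs)}")
```

On the constructed trace only `sample.exe` is flagged, with all three signatures; `chrome.exe` reading its own `Login Data` and `explorer.exe` querying one `DisplayName` are ignored. Tune `min_uninstall_entries` to the sandbox's noise level before relying on the installed-software signature alone, since it is the weakest of the three on its own.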

MITRE ATT&CK Enterprise v15

Tasks