General
-
Target
849ff89531036596a39c31e5b023ac52
-
Size
619KB
-
Sample
240131-rh4mjafgap
-
MD5
849ff89531036596a39c31e5b023ac52
-
SHA1
e408e841600dc4d2d925cbca6c022a5babe46211
-
SHA256
48dcbd723235d40fc1e4162e8808b4ca5eaa2b3fcd1d8daf8fc9b5bce31cf0ca
-
SHA512
f1c852c85f1e001d1aa2d4fabbd8891c4d886c2242bfc0f6d16cbaafbcb2a06fac90b0b86b31068f3b7c1ea2870b46343ba8be1e2f4d04a65f3c8e22088c8b57
-
SSDEEP
12288:6k/hUzVnAebJfZIrcPFql59iqp+6TH46YV+CNgiRB5XpiEkPr62I:WzWeQqiiqpdTYnA2xjkPr62I
Static task
static1
Behavioral task
behavioral1
Sample
849ff89531036596a39c31e5b023ac52.exe
Resource
win7-20231129-en
Malware Config
Extracted
cryptbot
knuplj61.top
morwye06.top
-
payload_url
http://sarjeb09.top/download.php?file=lv.exe
Targets
-
-
Target
849ff89531036596a39c31e5b023ac52
-
CryptBot payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-