cryptbot | 9b6ea4ca27dbeb9e83f9a4324b002eaff9b9c9d008ca8619aafab0b600c8c025 | Triage

Sharing

General

Target

47725225f66768fbf51d112c9deb1100N
Size

6.3MB
Sample

240914-1v4yhayepm
MD5

47725225f66768fbf51d112c9deb1100
SHA1

e50eb314ddb81f23870f9262f8aa912735e04c67
SHA256

9b6ea4ca27dbeb9e83f9a4324b002eaff9b9c9d008ca8619aafab0b600c8c025
SHA512

43a078f534bb1de61a1179a100556e7a6bd41002cb984c6bace4735189b753186857cfe6d6313b28ea000e731ad5d5d8ae61b3c1e747c6c76dfa939f5b8c4bd9
SSDEEP

98304:W0/exNNQ6/A5los7OLmhBvmPKUTaHorY/FOjaJM+ZaMAUMfq+iyw:R2Q35UT0vtLXFr+iyw

Score

10^/10

cryptbot discovery spyware stealer

Malware Config

Extracted

Family

cryptbot

C2

analforeverlovyu.top

tventyv20sb.top

Attributes

url_path
/v1/upload.php

Targets

- Target
  
  47725225f66768fbf51d112c9deb1100N
- Size
  
  6.3MB
- MD5
  
  47725225f66768fbf51d112c9deb1100
- SHA1
  
  e50eb314ddb81f23870f9262f8aa912735e04c67
- SHA256
  
  9b6ea4ca27dbeb9e83f9a4324b002eaff9b9c9d008ca8619aafab0b600c8c025
- SHA512
  
  43a078f534bb1de61a1179a100556e7a6bd41002cb984c6bace4735189b753186857cfe6d6313b28ea000e731ad5d5d8ae61b3c1e747c6c76dfa939f5b8c4bd9
- SSDEEP
  
  98304:W0/exNNQ6/A5los7OLmhBvmPKUTaHorY/FOjaJM+ZaMAUMfq+iyw:R2Q35UT0vtLXFr+iyw
Score

10^/10

cryptbot discovery spyware stealer
- CryptBot
  CryptBot is a C++ stealer distributed widely in bundle with other software.
  spyware stealer cryptbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

cryptbotdiscoveryspywarestealer

behavioral2

cryptbotdiscoveryspywarestealer