General

  • Target

    channel3.exe

  • Size

    6.3MB

  • Sample

    240925-ybyk9stfjk

  • MD5

    eee6d15917d8a9aa01288580d8cb5541

  • SHA1

    7827d50eab278625ce256d7ec5568a82b8c9edfe

  • SHA256

    3949006957ea55af22ff7e57fc95f3bcd9cde5ffe597e76a3ba22fdcb67314f7

  • SHA512

    68647cad68930d344675bb30a11a7b18b8a59a83c2958f2b4b68d9e8adc3b95bf403a8e00c76a3db889bedf6f6742b6c05081e8ba5e5f77bb71646a959c40571

  • SSDEEP

    98304:+HwhEenyWS9+46B3fgDmQ9NQVapitqG6OmblZLan:6cEcHl4Gv2N0akEG6L5Van

Malware Config

Extracted

Family

cryptbot

C2

thirtvf13sr.top

Attributes
  • url_path

    /v1/upload.php

Targets

    • Target

      channel3.exe

    • CryptBot

      CryptBot is a C++ information stealer that is widely distributed bundled with other software.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check before the payload runs.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and session tokens.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
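
As an added example (not part of the sandbox report and not CryptBot's own code), the following Python turns the extracted configuration and the file hashes above into something a responder can run: it hunts a proxy log for contact with the C2 domain, separates plain contact from the POST to the upload path that carries the stolen data, and checks candidate files against the listed hashes. Only the domain, the URL path and the hashes come from the report; the proxy log format, the sample log lines and the function names are constructed for this illustration.

```python
"""Added example: hunt the CryptBot C2 from the report in proxy logs and
check files against its hashes. The log schema (timestamp client method
url status size) and the lines in SAMPLE_PROXY_LOG are constructed."""
from __future__ import annotations

import hashlib
import re
from dataclasses import dataclass

# Indicators taken verbatim from the report.
IOC_HASHES = {
    "md5": "eee6d15917d8a9aa01288580d8cb5541",
    "sha1": "7827d50eab278625ce256d7ec5568a82b8c9edfe",
    "sha256": "3949006957ea55af22ff7e57fc95f3bcd9cde5ffe597e76a3ba22fdcb67314f7",
}
C2_HOST = "thirtvf13sr.top"
C2_UPLOAD_PATH = "/v1/upload.php"

# Constructed proxy log: one request per line, fields separated by spaces.
SAMPLE_PROXY_LOG = """\
2024-09-25T10:12:58Z 10.0.0.5 GET http://example.com/ 200 1432
2024-09-25T10:13:02Z 10.0.0.5 POST http://thirtvf13sr.top/v1/upload.php 200 48211
2024-09-25T10:13:40Z 10.0.0.9 GET http://thirtvf13sr.top/ 404 312
2024-09-25T10:14:01Z 10.0.0.9 POST http://THIRTVF13SR.TOP:80/v1/upload.php?x=1 200 9120
garbage line that does not parse
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<client>\S+)\s+(?P<method>[A-Z]+)\s+"
    r"(?P<scheme>https?)://(?P<host>[^/\s:]+)(?::\d+)?(?P<path>/\S*)?\s+"
    r"(?P<status>\d{3})\s+(?P<size>\d+)$"
)


@dataclass
class Hit:
    ts: str
    client: str
    host: str
    path: str
    method: str
    size: int
    verdict: str


def classify(host: str, path: str, method: str) -> str | None:
    """Map one request to a verdict, or None if it is unrelated to the C2.

    Host matching is case-insensitive, ignores a trailing dot and also
    covers subdomains; a POST to the report's upload path is the exfil
    itself, anything else to the domain is treated as C2 contact.
    """
    host = host.lower().rstrip(".")
    if host != C2_HOST and not host.endswith("." + C2_HOST):
        return None
    if method == "POST" and path.split("?", 1)[0] == C2_UPLOAD_PATH:
        return "cryptbot-exfil"
    return "cryptbot-c2-contact"


def hunt(lines) -> list[Hit]:
    """Parse proxy log lines and return every request that hits the C2."""
    hits: list[Hit] = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # unparseable line: skip rather than abort the hunt
        verdict = classify(m["host"], m["path"] or "/", m["method"])
        if verdict:
            hits.append(Hit(m["ts"], m["client"], m["host"], m["path"] or "/",
                            m["method"], int(m["size"]), verdict))
    return hits


def exfil_volume_by_client(hits: list[Hit]) -> dict[str, int]:
    """Sum the size field of exfil POSTs per client: a rough measure of
    how much stolen data each host pushed to the C2."""
    totals: dict[str, int] = {}
    for h in hits:
        if h.verdict == "cryptbot-exfil":
            totals[h.client] = totals.get(h.client, 0) + h.size
    return totals


def file_hashes(data: bytes) -> dict[str, str]:
    """MD5/SHA1/SHA256 of a file's bytes, in the same algorithms as the IOCs."""
    return {name: hashlib.new(name, data).hexdigest() for name in IOC_HASHES}


def matches_ioc(data: bytes) -> list[str]:
    """Names of the hash algorithms under which data equals the report's sample."""
    computed = file_hashes(data)
    return [name for name, digest in IOC_HASHES.items() if computed[name] == digest]


if __name__ == "__main__":
    for hit in hunt(SAMPLE_PROXY_LOG.splitlines()):
        print(f"{hit.ts} {hit.client} {hit.method} {hit.host}{hit.path} -> {hit.verdict}")
    print("exfil bytes per client:", exfil_volume_by_client(hunt(SAMPLE_PROXY_LOG.splitlines())))
```

Two points worth keeping in mind when adapting this: a DNS query for `thirtvf13sr.top` is usually the earliest signal and fires even when the proxy never sees the POST, so the same host match belongs in DNS logs as well; and the hash check only catches this exact build of `channel3.exe`, so for repacked variants the SSDEEP value from the report is the better pivot than the cryptographic hashes.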

MITRE ATT&CK Enterprise v15

Tasks