General
-
Target
354cc80e72a11f6fd9e4eba3a84196465fdde54e5afd4c4d89ebc043d5233cb4.exe
-
Size
6.3MB
-
Sample
241006-qwsxhs1cmg
-
MD5
fba015b5f4492bf7378b2e2367c60343
-
SHA1
46d5cdaab980588ebe464fa0e97fe0a6ec7b1c6c
-
SHA256
354cc80e72a11f6fd9e4eba3a84196465fdde54e5afd4c4d89ebc043d5233cb4
-
SHA512
3cb430ead087f655104d7b9b73e46eb0888690cc67a5ee01c3559cc41d8c47620d834cec48238c2f5399d056df4ac81389f02fd5a8e74013771e8ff1c7a6ae8f
-
SSDEEP
49152:sm0C9X+lC+tnRwpvoZMcHB8Z26hdDbDgY35Km1zpfJy3O7aLVfuGfZCUbak6Lnno:X9OXtRye62gtbZ35KQt5aLVhak6jnNwX
Malware Config
Extracted
cryptbot
twelvevh12pt.top
analforeverlovyu.top
-
url_path
/v1/upload.php
Targets
-
-
Target
354cc80e72a11f6fd9e4eba3a84196465fdde54e5afd4c4d89ebc043d5233cb4.exe
-
Size
6.3MB
-
MD5
fba015b5f4492bf7378b2e2367c60343
-
SHA1
46d5cdaab980588ebe464fa0e97fe0a6ec7b1c6c
-
SHA256
354cc80e72a11f6fd9e4eba3a84196465fdde54e5afd4c4d89ebc043d5233cb4
-
SHA512
3cb430ead087f655104d7b9b73e46eb0888690cc67a5ee01c3559cc41d8c47620d834cec48238c2f5399d056df4ac81389f02fd5a8e74013771e8ff1c7a6ae8f
-
SSDEEP
49152:sm0C9X+lC+tnRwpvoZMcHB8Z26hdDbDgY35Km1zpfJy3O7aLVfuGfZCUbak6Lnno:X9OXtRye62gtbZ35KQt5aLVhak6jnNwX
Score10/10-
CryptBot
CryptBot is a C++ stealer distributed widely in bundle with other software.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-