cryptbot | ec23c516e7dcc1783530369419e6ce7333a228f4e5209216d70e8489048e3ab4 | Triage

Sharing

General

Target

ec23c516e7dcc1783530369419e6ce7333a228f4e5209216d70e8489048e3ab4.exe
Size

9.5MB
Sample

241013-vq77gasdnr
MD5

fb481c39ea41b8bd7743bf3a9d730e76
SHA1

57fb93e92efa53e80fb196d5fbb3717783c54809
SHA256

ec23c516e7dcc1783530369419e6ce7333a228f4e5209216d70e8489048e3ab4
SHA512

e96cb92d7025078b552b0078250c696a21ccee97d4391ef9b821a1bbe3f30da25590c2f836bc77bf6017fc97213155a6dd0d27d2bea50e3881f57e451fd7b853
SSDEEP

49152:k76FrZK4K+1biTX+KZJqe2eO+3nXn0E1Qt5JhGWH/v27LIYoMRBW:fFroh+1biTXNZge

Score

10^/10

cryptbot discovery spyware stealer

Malware Config

Extracted

Family

cryptbot

C2

twelvevx12vs.top

analforeverlovyu.top

Attributes

url_path
/v1/upload.php

Targets

- Target
  
  ec23c516e7dcc1783530369419e6ce7333a228f4e5209216d70e8489048e3ab4.exe
- Size
  
  9.5MB
- MD5
  
  fb481c39ea41b8bd7743bf3a9d730e76
- SHA1
  
  57fb93e92efa53e80fb196d5fbb3717783c54809
- SHA256
  
  ec23c516e7dcc1783530369419e6ce7333a228f4e5209216d70e8489048e3ab4
- SHA512
  
  e96cb92d7025078b552b0078250c696a21ccee97d4391ef9b821a1bbe3f30da25590c2f836bc77bf6017fc97213155a6dd0d27d2bea50e3881f57e451fd7b853
- SSDEEP
  
  49152:k76FrZK4K+1biTX+KZJqe2eO+3nXn0E1Qt5JhGWH/v27LIYoMRBW:fFroh+1biTXNZge
Score

10^/10

cryptbot discovery spyware stealer
- CryptBot
  CryptBot is a C++ stealer distributed widely in bundle with other software.
  spyware stealer cryptbot
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

cryptbotdiscoveryspywarestealer

behavioral2

cryptbotdiscoveryspywarestealer