General
-
Target
70f887fea5277999b9f7c5b725a2601ea42f53c3de6f218867509057021d58be
-
Size
7.5MB
-
Sample
241014-fpaggsterr
-
MD5
e071b6dd90f4c7a9d23632bfb9517925
-
SHA1
9ef06985e2f58c3cd0a64780819e7812d6ae849e
-
SHA256
70f887fea5277999b9f7c5b725a2601ea42f53c3de6f218867509057021d58be
-
SHA512
bd8b2c084b36f0b37f223aff83d0599affc0450ede1299efc37e5a9519cc9b26ecb209292865c06c7de29c4f3ffda070c56f956a7db7817427f2d2053b225baf
-
SSDEEP
49152:MidZxaEXACSbv61erWUn19OFne30Tt2SUprQRd8/NPpuevH3nUk0gdtCneP/4scQ:Mivx4i1ul1WUp8O
Malware Config
Targets
-
-
Target
70f887fea5277999b9f7c5b725a2601ea42f53c3de6f218867509057021d58be
-
Size
7.5MB
-
MD5
e071b6dd90f4c7a9d23632bfb9517925
-
SHA1
9ef06985e2f58c3cd0a64780819e7812d6ae849e
-
SHA256
70f887fea5277999b9f7c5b725a2601ea42f53c3de6f218867509057021d58be
-
SHA512
bd8b2c084b36f0b37f223aff83d0599affc0450ede1299efc37e5a9519cc9b26ecb209292865c06c7de29c4f3ffda070c56f956a7db7817427f2d2053b225baf
-
SSDEEP
49152:MidZxaEXACSbv61erWUn19OFne30Tt2SUprQRd8/NPpuevH3nUk0gdtCneP/4scQ:Mivx4i1ul1WUp8O
Score10/10-
CryptBot
CryptBot is a C++ stealer distributed widely in bundle with other software.
-
Detects CryptBot payload
CryptBot is a C++ stealer distributed widely in bundle with other software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-