Extracted

• • Target

    fa2e957273059aeebb840921dbbc8857115eeb0277dfad5716b70b26a23aa820.exe

  • Size

    347KB

  • MD5

    ca5faa77d0bc3a6e946b0b225aef3cb2

  • SHA1

    f604e5b34395b7bbacb23ad6de49b396ad43e4d0

  • SHA256

    fa2e957273059aeebb840921dbbc8857115eeb0277dfad5716b70b26a23aa820

  • SHA512

    8e4146fdcdc681640901100b363e94e1133e11ee2975509d5dfd443f49c0a9d2ab65ed10aad5358c139dbfc0cff7db9a4f2d2edc9ee37cb50bf1677f39231c36

  • SSDEEP

    6144:ZLNfr9ti3Q7FnY3gH+X+0qH77kliXQIxZetZvuyLEHyglIADG8elA:Zhfrbi3Qt+WKBk7giXQfaXxDv

  Score

  10^/10

  cryptbotdiscoveryspywarestealer

  • CryptBot

    CryptBot is a C++ stealer distributed widely in bundle with other software.

    spywarestealercryptbot

  • Cryptbot family

    cryptbot

  • Deletes itself

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2