Overview

overview

10

Static

static

3

Setup2.exe

windows7-x64

10

Setup2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Setup2.exe

  • Size

    6.3MB

  • Sample

    241218-mjacvswnfq

  • MD5

    37263ede84012177cab167dc23457074

  • SHA1

    5905e3b2db8ff152a7f43f339c053e1d43b44dfc

  • SHA256

    9afd9e70b6f166cfc6de30e206dff5963073a6faeff5bcc93ee131df79894fc2

  • SHA512

    6b08af27c18fcaadcdc72af7e17cf9fe856526eab783ed9eb9420cf44fd85bf8a263c88d0f98bc367156bc01d61c6e0c8d098246760b20ed57efae292b68fe7e

  • SSDEEP

    98304:RYXXi4g+Xlxnn0wG9lY/3HeEqD1iG05rY:REXiJ+Xlxnn5Ydpb8rY

Score
10/10
cryptbotdiscoveryspywarestealer

Malware Config

Extracted

Family

cryptbot

C2

fivexc5pt.top

analforeverlovyu.top
Attributes
  • url_path

    /v1/upload.php

Targets

    • Target

      Setup2.exe

    • Size

      6.3MB

    • MD5

      37263ede84012177cab167dc23457074

    • SHA1

      5905e3b2db8ff152a7f43f339c053e1d43b44dfc

    • SHA256

      9afd9e70b6f166cfc6de30e206dff5963073a6faeff5bcc93ee131df79894fc2

    • SHA512

      6b08af27c18fcaadcdc72af7e17cf9fe856526eab783ed9eb9420cf44fd85bf8a263c88d0f98bc367156bc01d61c6e0c8d098246760b20ed57efae292b68fe7e

    • SSDEEP

      98304:RYXXi4g+Xlxnn0wG9lY/3HeEqD1iG05rY:REXiJ+Xlxnn5Ydpb8rY

    Score
    10/10
    cryptbotdiscoveryspywarestealer

    • CryptBot

      CryptBot is a C++ stealer distributed widely in bundle with other software.

      spywarestealercryptbot

    • Cryptbot family

      cryptbot

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks