General

  • Target

    Set-up.exe

  • Size

    7.6MB

  • Sample

    241220-wtvk8a1lfw

  • MD5

    0a711206f96133c8d28cd99b5910d705

  • SHA1

    a100de5f4dc7a8faf50a5f6292f088c22e943303

  • SHA256

    3e8ce55b21c44c397fe6080de6dec506f468c011c05808a72e8d8a64af090a46

  • SHA512

    03e63875a95e9d18d67635388611862a6694278038134a0e4ab8b23c43a41774b33f3dcc38181bd4af6491b66a7f91b478820b1bc7b14d31e42f20779b9a506a

  • SSDEEP

    49152:Kucd9+zV4r7CLX0vDLhfFoGiux88wMKowWrpAXa9UWsnmWPh/pU02KbbgcPyzJsL:KumEwCLofapuG8nKjGGXx/qKxyz2

Malware Config

Extracted

Family

cryptbot

Targets

    • Target

      Set-up.exe

    • CryptBot

      CryptBot is a C++ stealer that is widely distributed bundled with other software.

    • Cryptbot family

    • Enumerates VirtualBox registry keys

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
