cryptbot | ba14eb0e57c8e99fa4bc718a83d4120dff5e7e15c7056734aefebdf50b30cd71 | Triage

Submit
Reports

Overview

overview

Static

static

3e8ce55b21...46.exe

windows7-x64

3e8ce55b21...46.exe

windows10-2004-x64

Sharing

General

Target

0a711206f96133c8d28cd99b5910d705.bin
Size

2.7MB
Sample

241222-bc9ctswqhx
MD5

250927885f1275ad0cf8436f944a557f
SHA1

2311d38f568c2d3d8c1cba73e2726fa57499855a
SHA256

ba14eb0e57c8e99fa4bc718a83d4120dff5e7e15c7056734aefebdf50b30cd71
SHA512

1d4844260707108c52233e09fd88b363a6ac36660841c64e1cdb4d1a744ac0457e66004dd2c9afb0398952e402229cf0d531457b19fb7a0b5995e41675b7a84d
SSDEEP

49152:PeDHKmdb3h7GTVTRBtdjCp+PwMND/KK0PFfRS93//XgSdeXZFQvNN:Iqmdbx7GRTRBt9nPwM9/KK0Pq93HwLo

Score

10^/10

cryptbot discovery evasion spyware stealer

Static task

static1

spyware stealer cryptbot

3 signatures

Behavioral task

behavioral1

Sample

3e8ce55b21c44c397fe6080de6dec506f468c011c05808a72e8d8a64af090a46.exe

Resource

win7-20240903-en

cryptbot discovery evasion spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

3e8ce55b21c44c397fe6080de6dec506f468c011c05808a72e8d8a64af090a46.exe

Resource

win10v2004-20241007-en

cryptbot discovery evasion spyware stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

cryptbot

Targets

- Target
  
  3e8ce55b21c44c397fe6080de6dec506f468c011c05808a72e8d8a64af090a46.exe
- Size
  
  7.6MB
- MD5
  
  0a711206f96133c8d28cd99b5910d705
- SHA1
  
  a100de5f4dc7a8faf50a5f6292f088c22e943303
- SHA256
  
  3e8ce55b21c44c397fe6080de6dec506f468c011c05808a72e8d8a64af090a46
- SHA512
  
  03e63875a95e9d18d67635388611862a6694278038134a0e4ab8b23c43a41774b33f3dcc38181bd4af6491b66a7f91b478820b1bc7b14d31e42f20779b9a506a
- SSDEEP
  
  49152:Kucd9+zV4r7CLX0vDLhfFoGiux88wMKowWrpAXa9UWsnmWPh/pU02KbbgcPyzJsL:KumEwCLofapuG8nKjGGXx/qKxyz2
Score

10^/10

cryptbot discovery evasion spyware stealer
- CryptBot
  CryptBot is a C++ stealer distributed widely in bundle with other software.
  spyware stealer cryptbot
- Cryptbot family
  cryptbot
- Enumerates VirtualBox registry keys
  evasion
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

spywarestealercryptbot

behavioral1

cryptbotdiscoveryevasionspywarestealer

behavioral2

cryptbotdiscoveryevasionspywarestealer

© 2018-2024

Terms | Privacy