cryptbot | 1bfffc11a687013c79e9ccdcb939e51f2ec01c78d8c6cb5079d81de9cb5da5f5 | Triage

Sharing

General

Target

JaffaCakes118_1bfffc11a687013c79e9ccdcb939e51f2ec01c78d8c6cb5079d81de9cb5da5f5
Size

3.6MB
Sample

241222-ljkcdssqb1
MD5

d2f38f478367b943632bbb663830c063
SHA1

788f79a144edff88e7957fadd45547e162b25339
SHA256

1bfffc11a687013c79e9ccdcb939e51f2ec01c78d8c6cb5079d81de9cb5da5f5
SHA512

e629645ef4e6cb15b509f5611a9d012c4e70620e911181c82e98b532e1dc8ea2effccdd7592a5f86885389d9c4df166b0e1b695df743f099a591c8f1e6ff8c73
SSDEEP

49152:108r2yrqoQYCkeo/O2dGp/XjYc3TEsuu0ShLV6Xsg0oOT5YYBYBITL:yu5DMHhKShLVSsgW

Score

10^/10

cryptbot discovery spyware stealer

Malware Config

Extracted

Family

cryptbot

C2

veoxjo24.top

morpib02.top

Targets

- Target
  
  JaffaCakes118_1bfffc11a687013c79e9ccdcb939e51f2ec01c78d8c6cb5079d81de9cb5da5f5
- Size
  
  3.6MB
- MD5
  
  d2f38f478367b943632bbb663830c063
- SHA1
  
  788f79a144edff88e7957fadd45547e162b25339
- SHA256
  
  1bfffc11a687013c79e9ccdcb939e51f2ec01c78d8c6cb5079d81de9cb5da5f5
- SHA512
  
  e629645ef4e6cb15b509f5611a9d012c4e70620e911181c82e98b532e1dc8ea2effccdd7592a5f86885389d9c4df166b0e1b695df743f099a591c8f1e6ff8c73
- SSDEEP
  
  49152:108r2yrqoQYCkeo/O2dGp/XjYc3TEsuu0ShLV6Xsg0oOT5YYBYBITL:yu5DMHhKShLVSsgW
Score

10^/10

cryptbot discovery spyware stealer
- CryptBot
  CryptBot is a C++ stealer distributed widely in bundle with other software.
  spyware stealer cryptbot
- Cryptbot family
  cryptbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

cryptbotdiscoveryspywarestealer

behavioral2

cryptbotdiscoveryspywarestealer