cryptbot | 793c8f1ba0ed34ea1797e964594f4f1e2271e74a76a088404e4c878f08372b8b | Triage

Sharing

General

Target

JaffaCakes118_793c8f1ba0ed34ea1797e964594f4f1e2271e74a76a088404e4c878f08372b8b
Size

3.6MB
Sample

241222-qpy5yszpfn
MD5

58054be329949cfb4c8ab7a93734bcdc
SHA1

2642c000d41cdfab367cdfa2cabef183c254b0d0
SHA256

793c8f1ba0ed34ea1797e964594f4f1e2271e74a76a088404e4c878f08372b8b
SHA512

ecf43fd2e11ed6973bac57da957a5a2d687ef539ac5f7fca7fcd93abd3186500e3fa0792ffa725e353e457881c6e7ad80c91173dce890fa7c9ccba4f4abcaedd
SSDEEP

49152:OnQ6pS2SfWOYo/OuNGl/9hyw/bKuuJiD/SiHLPONYWRmGT1q07aK1WTH97CI+L:OQaCG/bKuuMD/SiDQYfGT1qQaKQ

Score

10^/10

cryptbot discovery spyware stealer

Malware Config

Extracted

Family

cryptbot

C2

veotar33.top

moryel03.top

Attributes

payload_url
http://tyngos04.top/download.php?file=lv.exe

Targets

- Target
  
  JaffaCakes118_793c8f1ba0ed34ea1797e964594f4f1e2271e74a76a088404e4c878f08372b8b
- Size
  
  3.6MB
- MD5
  
  58054be329949cfb4c8ab7a93734bcdc
- SHA1
  
  2642c000d41cdfab367cdfa2cabef183c254b0d0
- SHA256
  
  793c8f1ba0ed34ea1797e964594f4f1e2271e74a76a088404e4c878f08372b8b
- SHA512
  
  ecf43fd2e11ed6973bac57da957a5a2d687ef539ac5f7fca7fcd93abd3186500e3fa0792ffa725e353e457881c6e7ad80c91173dce890fa7c9ccba4f4abcaedd
- SSDEEP
  
  49152:OnQ6pS2SfWOYo/OuNGl/9hyw/bKuuJiD/SiHLPONYWRmGT1q07aK1WTH97CI+L:OQaCG/bKuuMD/SiDQYfGT1qQaKQ
Score

10^/10

cryptbot discovery spyware stealer
- CryptBot
  CryptBot is a C++ stealer distributed widely in bundle with other software.
  spyware stealer cryptbot
- Cryptbot family
  cryptbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

cryptbotdiscoveryspywarestealer

behavioral2

cryptbotdiscoveryspywarestealer