cryptbot | 1d40e787883c1fe416b13dc1b4557bb53c3929794a5cd76f10089f6efcef3636 | Triage

Sharing

General

Target

JaffaCakes118_1d40e787883c1fe416b13dc1b4557bb53c3929794a5cd76f10089f6efcef3636
Size

3.6MB
Sample

241229-ea5hms1qa1
MD5

41e8d1999f3912a89dd81cc4bf0397ea
SHA1

a0e2c39893d0fb533e0344891955d9d5feccbef3
SHA256

1d40e787883c1fe416b13dc1b4557bb53c3929794a5cd76f10089f6efcef3636
SHA512

3d88c02bfa663c123f9014f7e8622f6f6cee8d753951feccd1f235e7ac729cb0edc7be4662ed0d0fa1f92c4a2ea7eef2f06f60cad40b6020dbc29b197a42957a
SSDEEP

49152:SXdM52HyDSsCevofOilGp//3tC4+7rJ1sPHinZS/yUk2kn3TB3c/04o5kyI5b:StM5EXIItmCnZS/yH2k+/04R

Score

10^/10

cryptbot discovery spyware stealer

Malware Config

Extracted

Family

cryptbot

C2

veobsi38.top

moryel03.top

Attributes

payload_url
http://tyngos04.top/download.php?file=lv.exe

Targets

- Target
  
  JaffaCakes118_1d40e787883c1fe416b13dc1b4557bb53c3929794a5cd76f10089f6efcef3636
- Size
  
  3.6MB
- MD5
  
  41e8d1999f3912a89dd81cc4bf0397ea
- SHA1
  
  a0e2c39893d0fb533e0344891955d9d5feccbef3
- SHA256
  
  1d40e787883c1fe416b13dc1b4557bb53c3929794a5cd76f10089f6efcef3636
- SHA512
  
  3d88c02bfa663c123f9014f7e8622f6f6cee8d753951feccd1f235e7ac729cb0edc7be4662ed0d0fa1f92c4a2ea7eef2f06f60cad40b6020dbc29b197a42957a
- SSDEEP
  
  49152:SXdM52HyDSsCevofOilGp//3tC4+7rJ1sPHinZS/yUk2kn3TB3c/04o5kyI5b:StM5EXIItmCnZS/yH2k+/04R
Score

10^/10

cryptbot discovery spyware stealer
- CryptBot
  CryptBot is a C++ stealer distributed widely in bundle with other software.
  spyware stealer cryptbot
- Cryptbot family
  cryptbot
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

cryptbotdiscoveryspywarestealer

behavioral2

cryptbotdiscoveryspywarestealer