Overview

overview

10

Static

static

10

Set-up.exe

windows7-x64

10

Set-up.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Set-up.exe

  • Size

    7.4MB

  • Sample

    241231-s4sylaxkcy

  • MD5

    3d060ec62ad0864cfd0d40f46a4f07a9

  • SHA1

    8caba4598d19477a1e4442c4c710fa3909023c5b

  • SHA256

    6f80bb8b470640ae7542eb1b239f2a790d61047254accccf747c4d64907fec66

  • SHA512

    40e7f3407eec75b9ea5027387e2e5de294e6131f6ef00cda7640a6fb93a7e514683895066e509df817fd4de85854969fba8d01dedb40826e4bb59e28981f127d

  • SSDEEP

    49152:zINwrsavev5BI2tev8aclalc6UnNaxT1jvwgJr0vJnWShbKsqBIKTlblgPyz8wA/:zIQsX5BMvh64cxnMxRjVJQxPKTSyz8/

Score
10/10
cryptbotdiscoveryevasionspywarestealer

Malware Config

Extracted

Family

cryptbot

C2

http://home.eleventj11vt.top/olNuzJxAApOsKhOXzdRo1

Targets

    • Target

      Set-up.exe

    • Size

      7.4MB

    • MD5

      3d060ec62ad0864cfd0d40f46a4f07a9

    • SHA1

      8caba4598d19477a1e4442c4c710fa3909023c5b

    • SHA256

      6f80bb8b470640ae7542eb1b239f2a790d61047254accccf747c4d64907fec66

    • SHA512

      40e7f3407eec75b9ea5027387e2e5de294e6131f6ef00cda7640a6fb93a7e514683895066e509df817fd4de85854969fba8d01dedb40826e4bb59e28981f127d

    • SSDEEP

      49152:zINwrsavev5BI2tev8aclalc6UnNaxT1jvwgJr0vJnWShbKsqBIKTlblgPyz8wA/:zIQsX5BMvh64cxnMxRjVJQxPKTSyz8/

    Score
    10/10
    cryptbotdiscoveryevasionspywarestealer

    • CryptBot

      CryptBot is a C++ stealer distributed widely in bundle with other software.

      spywarestealercryptbot

    • Cryptbot family

      cryptbot

    • Enumerates VirtualBox registry keys

      evasion

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks