Extracted

• • Target

    0x0009000000016ace-13.dat

  • Size

    6.6MB

  • MD5

    20b05fdf49dd701d4909c9297fad4299

  • SHA1

    038202216057ccb9b7b8033f037f575204968e34

  • SHA256

    2731f544c596e1879e5547eb11557dea0858849388cad25c91057f08ac31328b

  • SHA512

    18b6d1414d1e47671c62c9ca6a933af6792be113067d57c990aa43bd1a034c0d788afd48aba04f687c69fe70d9f35825bc1a5b40d4a4b4573b76b23ec5a4ae1c

  • SSDEEP

    49152:uHQfdNtJ2GxW5QJZ/K/5Qpy2bcDYFJqNHizGbGqE3FhAxmoJWZhQPc3GQKjbqFPX:uHelW5cKRenc0FQ/SquDA5eKEyz8F

  Score

  10^/10

  cryptbotdefense_evasiondiscoveryspywarestealer

  • CryptBot

    CryptBot is a C++ stealer distributed widely in bundle with other software.

    spywarestealercryptbot

  • Cryptbot family

    cryptbot

  • Enumerates VirtualBox registry keys

    defense_evasion

  • Downloads MZ/PE file

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2