Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

open-need-...71.exe

windows10-ltsc 2021-x64

10

open-need-...71.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    open-need-this-471.exe

  • Size

    8.3MB

  • Sample

    250214-y8gn1sxraj

  • MD5

    0731196417e9e094e3006e526e19416a

  • SHA1

    23f5229eaf3ee37a34386f92a0a1c5559b1fa38e

  • SHA256

    d658be4d698c8cc2f36303a0fad307c4b3b6ceb3a261e848ba4bb057021dbc8e

  • SHA512

    9ec89dd17cccf148224914a021fdee2f8db6db72c3d45841f5bb9af1ae31581ee3d5e65e3ff705ca191f82e3855540040a0b13f652fac6db833e43155c579014

  • SSDEEP

    98304:YKcPFYANBnSs1c06rBrceNfbUfqKTyz8Kl:2yEJH7yqqQG8Kl

Score
10/10
cryptbotdefense_evasiondiscoveryspywarestealer

Malware Config

Extracted

Family

cryptbot

C2

http://home.twntjj20sr.top/KQEaovfuRhDhtcpfRFme15

Targets

    • Target

      open-need-this-471.exe

    • Size

      8.3MB

    • MD5

      0731196417e9e094e3006e526e19416a

    • SHA1

      23f5229eaf3ee37a34386f92a0a1c5559b1fa38e

    • SHA256

      d658be4d698c8cc2f36303a0fad307c4b3b6ceb3a261e848ba4bb057021dbc8e

    • SHA512

      9ec89dd17cccf148224914a021fdee2f8db6db72c3d45841f5bb9af1ae31581ee3d5e65e3ff705ca191f82e3855540040a0b13f652fac6db833e43155c579014

    • SSDEEP

      98304:YKcPFYANBnSs1c06rBrceNfbUfqKTyz8Kl:2yEJH7yqqQG8Kl

    Score
    10/10
    cryptbotdefense_evasiondiscoveryspywarestealer

    • CryptBot

      CryptBot is a C++ stealer distributed widely in bundle with other software.

      spywarestealercryptbot

    • Cryptbot family

      cryptbot

    • Enumerates VirtualBox registry keys

      defense_evasion

    • Downloads MZ/PE file

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks