General

  • Target

    6922e893e81974f1e08e48308d8ad02bee4c79a924ec9f7d594024ba63582b20.zip

  • Size

    233KB

  • Sample

    250326-hs1tysslv9

  • MD5

    efd3ca5611c00ec9ff783754baf18dca

  • SHA1

    abbe464abcfcdbcd35712e055b1af2979feae8f1

  • SHA256

    6922e893e81974f1e08e48308d8ad02bee4c79a924ec9f7d594024ba63582b20

  • SHA512

    6cb04e95d999d4cff4d02454dab45b89ccfbb10fe75ec576341401b967888dd926a3575b9858b7b525b259977e37c53014efa88cd89f80b8226f91cb2d3fb523

  • SSDEEP

    6144:2HVRl6yVh8TrD56fIDSRep1VXH2zuXEDfB4fklwZx:K0yVYrYAD5ftp0B4fkuZx

Malware Config

Extracted

Family

cryptbot

C2

befqlo52.top

mortos05.top

Attributes

  • payload_url

    http://mincir07.top/download.php?file=lv.exe

Targets

    • Target

      131d6fb9204ceda508075afce9b9b65e429952674e914d224268deb319a0aab1.exe

    • Size

      305KB

    • MD5

      4309f4b4bb455f998d1fdf310cd83484

    • SHA1

      4ee10072d4dff28efcd64d8dcd631760868d644b

    • SHA256

      131d6fb9204ceda508075afce9b9b65e429952674e914d224268deb319a0aab1

    • SHA512

      3d730ec6e3b385a69fa62634f4776e98327bc8f5da6330b109d3de5b37339dcb97cf9bf489c548de23f6ff71b115e921d5179cf2606eba61783851462ba807bf

    • SSDEEP

      6144:zWmk/wokUNpuDoAVUx99rpABXHxjdgwJids6m+8suhyiP:NswuNpQv299rpAVHxJgw0dsp+dTiP

    • CryptBot

      CryptBot is a C++ stealer that is widely distributed bundled with other software.

    • Cryptbot family

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks