Overview

overview

10

Static

static

10

open-need-...17.exe

windows7-x64

10

open-need-...17.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    open-need-this-117.exe

  • Size

    8.4MB

  • Sample

    250329-smwm6axl16

  • MD5

    e8d4eaa75a6f7405af1aae1f7e50fbc5

  • SHA1

    74edeb21eef6d28c762111ac73c97cf26e05cd10

  • SHA256

    627091b5638f8273affbceb55ec75caa3fcf91ea847f855033a2504acd49bcfb

  • SHA512

    dfd8a861fa4205fa8db82a5c3708e147d727824d4a09c7fc9bfedbec0d5b8e9dfd9eae06c7b5bd880275a9c601e68bc4c8342d51f20e9c754ff880c665d98d89

  • SSDEEP

    98304:Js4d3tgTma9NcpMZbPBqCkNh5YxDPMK7yz80Sy:xJeTvgm4ENMsG80Sy

Score
10/10
cryptbotdefense_evasiondiscoveryspywarestealer

Malware Config

Extracted

Family

cryptbot

C2

http://home.onebb1mn.top/guDuUgLBfcehRYlFfBKg174

Targets

    • Target

      open-need-this-117.exe

    • Size

      8.4MB

    • MD5

      e8d4eaa75a6f7405af1aae1f7e50fbc5

    • SHA1

      74edeb21eef6d28c762111ac73c97cf26e05cd10

    • SHA256

      627091b5638f8273affbceb55ec75caa3fcf91ea847f855033a2504acd49bcfb

    • SHA512

      dfd8a861fa4205fa8db82a5c3708e147d727824d4a09c7fc9bfedbec0d5b8e9dfd9eae06c7b5bd880275a9c601e68bc4c8342d51f20e9c754ff880c665d98d89

    • SSDEEP

      98304:Js4d3tgTma9NcpMZbPBqCkNh5YxDPMK7yz80Sy:xJeTvgm4ENMsG80Sy

    Score
    10/10
    cryptbotdefense_evasiondiscoveryspywarestealer

    • CryptBot

      CryptBot is a C++ stealer distributed widely in bundle with other software.

      spywarestealercryptbot

    • Cryptbot family

      cryptbot

    • Enumerates VirtualBox registry keys

      defense_evasion

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks