Rewterz Threat Alert – CryptBot Trojan – Active IOCs

Severity

High

Analysis Summary

CryptBot is an information-stealing trojan that is delivered bundled with, or disguised as, legitimate software. The most common lure is pirated software: malicious websites offering "cracks" and "serials" for popular commercial products are optimized to rank on the first page of search-engine results for those queries, so many victims download the package themselves and execute it on their systems, installing CryptBot alongside, or instead of, the software they were looking for.

Impact

  • Credential Theft
  • Information Theft
  • Exposure of Sensitive Data

Indicators of Compromise

MD5

  • cb5e9fa4a078cf6ee53f2aa4f86307ee
  • 7a11540ebe747bab94e1adb29a95115f
  • a35cdb08c8c4b9dc06e73e220e6171b0
  • 0ec853303cbf6b1510466c7a8fac41b3
  • 09151abdacdf7f5b9a7449f1a1eedf4d
  • 864bdb5058812652dbdf4c94cbc57e24
  • b3eb4f102bfdebf63846dee86f385444
  • 894e7586817bfdf276c5e1a3aad1dc0f
  • 71113af6d184f9cdd28f35836b5ebbc5
  • 9a745c32c2018a757b999cc46ab1f4cc
  • 0f64ddd766bc02d60538e1c0fe754b40

SHA-256

  • d957feb6138afa93ff11d210b5f63559f112f40a0c3534ae769fc180902cdb7d
  • 0e86541596a3c2b757192470ccad8addc0c48a8973d0e8b30a55a10eed16d686
  • 4338455a669ade5c278337dbfb3121c9083dacd051e0868c2a781fda61b27b36
  • d202c0e7fb20f6becc56075ad7d102f7cc0633087a78cf1ba056d9f566be837e
  • 1e60df2998f83cc041cdfd52421ed43c3f5cc9804d8557dce7e3ebc4090b336b
  • d45b89c5e6c74dc4c2c3fbe46f8bced888f2a20eea41473ad1c57462d3f9e610
  • 2d135ba7293fa1efabbd29e8630e7c75ae93762a6e0fcac0e462e0ec32ff1bcf
  • 07ddae4f4d7e95d1b20f68913820e6d88dfb1c3481e3faade72d7c1e6f4ae0f7
  • 1c4b02f432df1bf0719a271e86df5fc2fe03a2a99f0c97042b78dd176b3174eb
  • 70d01c6918c07b4cd0daa9b2c688fbd7e0e2e6f77831c9bd351be29a7991e1d3
  • 63d9d211e1fae3e169ecd91e81e7ce5f10c43c35a2194340cbd85341dc323c4f

SHA-1

  • 74ec3c1865be2a7be6e8a882a5386898b6d41cdf
  • cde8c33a3a288f528f9a4083cd9f0ee5dc3fd849
  • 581beafd5ee9c927f3fb13116be56f5fcdfd084a
  • 58ed849f84a561cfce9daec9c1cd407a68b34196
  • 95f159bc5124855e3158da41075d4a21ad88abe1
  • 38f845493e16c74caae273a1f9e9e1fcef36317f
  • 3dba9310185850a0ab92cac7289377a242339496
  • cee6632d2f28da071dcd244e695fbb1d1b13eef3
  • 23950117a742b4caffae3891d4fff612e22ff4d9
  • 18519bc309e8d7582f7840a2ff1b4f12efb54e30
  • 602601fb918e937f3d0cde16a9bd0259401c8dd8

Remediation

  • Block all threat indicators at your respective controls.
  • Search for the IOCs in your environment.
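As an added example that is not part of the original alert, the following Python script shows one way to carry out the "search for IOCs" step on a file system: it hashes every file under a directory in a single pass and checks the MD5, SHA-1 and SHA-256 digests against the hash lists published above. The hash sets are copied verbatim from this alert; the sample files it builds, the directory it scans and the function names are constructed for the demonstration and are assumptions, not anything from the original page.

```python
import hashlib
import tempfile
from pathlib import Path

# IOC hashes copied from the alert above, keyed by algorithm.
IOC_SETS = {
    "md5": {
        "cb5e9fa4a078cf6ee53f2aa4f86307ee", "7a11540ebe747bab94e1adb29a95115f",
        "a35cdb08c8c4b9dc06e73e220e6171b0", "0ec853303cbf6b1510466c7a8fac41b3",
        "09151abdacdf7f5b9a7449f1a1eedf4d", "864bdb5058812652dbdf4c94cbc57e24",
        "b3eb4f102bfdebf63846dee86f385444", "894e7586817bfdf276c5e1a3aad1dc0f",
        "71113af6d184f9cdd28f35836b5ebbc5", "9a745c32c2018a757b999cc46ab1f4cc",
        "0f64ddd766bc02d60538e1c0fe754b40",
    },
    "sha1": {
        "74ec3c1865be2a7be6e8a882a5386898b6d41cdf", "cde8c33a3a288f528f9a4083cd9f0ee5dc3fd849",
        "581beafd5ee9c927f3fb13116be56f5fcdfd084a", "58ed849f84a561cfce9daec9c1cd407a68b34196",
        "95f159bc5124855e3158da41075d4a21ad88abe1", "38f845493e16c74caae273a1f9e9e1fcef36317f",
        "3dba9310185850a0ab92cac7289377a242339496", "cee6632d2f28da071dcd244e695fbb1d1b13eef3",
        "23950117a742b4caffae3891d4fff612e22ff4d9", "18519bc309e8d7582f7840a2ff1b4f12efb54e30",
        "602601fb918e937f3d0cde16a9bd0259401c8dd8",
    },
    "sha256": {
        "d957feb6138afa93ff11d210b5f63559f112f40a0c3534ae769fc180902cdb7d",
        "0e86541596a3c2b757192470ccad8addc0c48a8973d0e8b30a55a10eed16d686",
        "4338455a669ade5c278337dbfb3121c9083dacd051e0868c2a781fda61b27b36",
        "d202c0e7fb20f6becc56075ad7d102f7cc0633087a78cf1ba056d9f566be837e",
        "1e60df2998f83cc041cdfd52421ed43c3f5cc9804d8557dce7e3ebc4090b336b",
        "d45b89c5e6c74dc4c2c3fbe46f8bced888f2a20eea41473ad1c57462d3f9e610",
        "2d135ba7293fa1efabbd29e8630e7c75ae93762a6e0fcac0e462e0ec32ff1bcf",
        "07ddae4f4d7e95d1b20f68913820e6d88dfb1c3481e3faade72d7c1e6f4ae0f7",
        "1c4b02f432df1bf0719a271e86df5fc2fe03a2a99f0c97042b78dd176b3174eb",
        "70d01c6918c07b4cd0daa9b2c688fbd7e0e2e6f77831c9bd351be29a7991e1d3",
        "63d9d211e1fae3e169ecd91e81e7ce5f10c43c35a2194340cbd85341dc323c4f",
    },
}


def hash_file(path, chunk_size=1 << 20):
    """Compute MD5, SHA-1 and SHA-256 of a file in one pass, reading in chunks
    so large binaries are not loaded into memory whole."""
    hashers = {name: hashlib.new(name) for name in IOC_SETS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_iocs(digests):
    """Return the (algorithm, digest) pairs that appear in the IOC lists.
    Comparison is case-insensitive because feeds mix upper and lower case."""
    return [(algo, d.lower()) for algo, d in digests.items()
            if d.lower() in IOC_SETS.get(algo, set())]


def scan_directory(root):
    """Walk a directory tree and return [(path, [(algo, digest), ...]), ...]
    for every file whose hash matches an IOC. Unreadable files are skipped
    rather than aborting the scan."""
    hits = []
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file():
            continue
        try:
            matches = match_iocs(hash_file(path))
        except OSError:
            continue
        if matches:
            hits.append((str(path), matches))
    return hits


def build_demo_dir():
    """Create a constructed sample tree (an assumption for this demo): two
    benign files that should produce no hits. Returns (root, {name: path})."""
    root = Path(tempfile.mkdtemp(prefix="ioc_demo_"))
    files = {"benign": root / "setup_crack.exe", "empty": root / "empty.bin"}
    files["benign"].write_bytes(b"hello")
    files["empty"].write_bytes(b"")
    return str(root), files


if __name__ == "__main__":
    demo_root, _ = build_demo_dir()
    for hit_path, hit_matches in scan_directory(demo_root):
        print(f"IOC HIT {hit_path}: {hit_matches}")
    print(f"scan of {demo_root} complete")
```

In a real sweep, point `scan_directory` at user download folders, `%TEMP%` and `%APPDATA%` on Windows hosts, and treat any hit as a confirmed match worth isolating the host over; a clean scan only means none of these specific samples is present, not that the host is uninfected, since CryptBot builds are repacked frequently.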