CryptBot2

CryptBot Delphi stealer shark2.bin x8D8.io C2. Browser password crypto wallet. MSH_WHEELSUPPORT Delphi RAD Studio.

Threat Profile
Type Infostealer
Programming LanguageDelphi
C2 ProtocolHTTP
First Seen2019
Targets Kuresel
Purpose / Capabilities
  • Credential+Crypto Stealer

C2 Servers 1

Address Port Protocol Status Action
x8D8.io
443 HTTPS INACTIVE

⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.

Research Reports (3)

High

CryptBot -- shark2.bin Delphi Stealer, x8D8.io C2, Çoklu c2 Substring Referansı | Yüksek

CryptBot 6MB shark2.bin Delphi stealer. x8D8.io C2 domain. 2c2p2 90C2r c2t stealer config substring. MSH_WHEELSUPPORT Delphi.

Read Report →
High

CryptBot -- shark2.bin 6MB Delphi, x8D8.io .io C2, ScreenSnap Ekran Kaydı | Yüksek

CryptBot 6MB shark2.bin Delphi. x8D8.io .io domain. poScreenCenter+ScreenSnap+TScreen Delphi ekran bileşeni.

Read Report →
High

CryptBot 2 -- shark2.bin 6MB, tvO.es + x8D8.io C2 Domain, GetTickCount | Yüksek

CryptBot2 shark2.bin 6MB. tvO.es + x8D8.io C2. GetTickCount timing. Delphi stealer.

Read Report →