crealstealer | 5d1a5e6a0fe0de08388bcc77c01a9d65f02027a7e049cb2502dbb5ae0051b14e | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

7

Sharing

General

Target

5d1a5e6a0fe0de08388bcc77c01a9d65f02027a7e049cb2502dbb5ae0051b14e
Size

18.0MB
Sample

231004-lvl1cscf65
MD5

f756a17dfe696ec8ab80d65766298ea3
SHA1

8e01305af072036815852b5aa8338497c96f920c
SHA256

5d1a5e6a0fe0de08388bcc77c01a9d65f02027a7e049cb2502dbb5ae0051b14e
SHA512

b56c30c5b624c1d196c4bc6d6ec5146c3f50004a36b2388b68b3145139ac1f7fff4daebfc996fd8d128e1f358388a79de965d695f5b102e990cb7a571b191798
SSDEEP

393216:WQtsT4aTKk3meBcGfd0NYMvv8f6lCOdSV:WQtsc+KaT5F0NYob2

Score

10^/10

crealstealer pyinstaller spyware stealer

Static task

static1

pyinstaller crealstealer

4 signatures

Behavioral task

behavioral1

Sample

5d1a5e6a0fe0de08388bcc77c01a9d65f02027a7e049cb2502dbb5ae0051b14e.exe

Resource

win10v2004-20230915-en

spyware stealer

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  5d1a5e6a0fe0de08388bcc77c01a9d65f02027a7e049cb2502dbb5ae0051b14e
- Size
  
  18.0MB
- MD5
  
  f756a17dfe696ec8ab80d65766298ea3
- SHA1
  
  8e01305af072036815852b5aa8338497c96f920c
- SHA256
  
  5d1a5e6a0fe0de08388bcc77c01a9d65f02027a7e049cb2502dbb5ae0051b14e
- SHA512
  
  b56c30c5b624c1d196c4bc6d6ec5146c3f50004a36b2388b68b3145139ac1f7fff4daebfc996fd8d128e1f358388a79de965d695f5b102e990cb7a571b191798
- SSDEEP
  
  393216:WQtsT4aTKk3meBcGfd0NYMvv8f6lCOdSV:WQtsc+KaT5F0NYob2
Score

7^/10

spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Process Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

pyinstallercrealstealer

behavioral1

© 2018-2025

Terms | Privacy