crealstealer | 397dd6ecd93a3b4d896fcf3af189dcd51a98c6504c11639af6587aa017f3f607 | Triage

Submit
Reports

Overview

overview

Static

static

Blank-Admin1.rar.exe

windows10-2004-x64

7

Creal.pyc

windows10-2004-x64

3

Sharing

General

Target

Blank-Admin1.rar.exe
Size

9.9MB
Sample

231229-ry31yaeafj
MD5

a3c355791a32902bd88f5a42a284f104
SHA1

c1efe9959317a7cb3fdc011ad07fa5e97e80910e
SHA256

397dd6ecd93a3b4d896fcf3af189dcd51a98c6504c11639af6587aa017f3f607
SHA512

fa07f2ab6255cc4e9e2a5020f6dbd5291aa07e92247c7ca7c0a92503afb4c446f721cfcbe9ee15509eeb0694e919523b3a55d5eb36df6d00f5a2e2cb2bbfcd67
SSDEEP

196608:eVXGX180p6gdfRrxbAQvVwejuJDUX47dwdW0ZW9B/9Uujcsl16V1N5Mr:JXxfRrxNaUX47d4h69NjXsHy

Score

10^/10

crealstealer pyinstaller

Static task

static1

pyinstaller crealstealer

4 signatures

Behavioral task

behavioral1

Sample

Blank-Admin1.rar.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

Creal.pyc

Resource

win10v2004-20231215-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  Blank-Admin1.rar.exe
- Size
  
  9.9MB
- MD5
  
  a3c355791a32902bd88f5a42a284f104
- SHA1
  
  c1efe9959317a7cb3fdc011ad07fa5e97e80910e
- SHA256
  
  397dd6ecd93a3b4d896fcf3af189dcd51a98c6504c11639af6587aa017f3f607
- SHA512
  
  fa07f2ab6255cc4e9e2a5020f6dbd5291aa07e92247c7ca7c0a92503afb4c446f721cfcbe9ee15509eeb0694e919523b3a55d5eb36df6d00f5a2e2cb2bbfcd67
- SSDEEP
  
  196608:eVXGX180p6gdfRrxbAQvVwejuJDUX47dwdW0ZW9B/9Uujcsl16V1N5Mr:JXxfRrxNaUX47d4h69NjXsHy
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1
- Target
  
  Creal.pyc
- Size
  
  187KB
- MD5
  
  7277caa9e498af79ef25adbe4a698883
- SHA1
  
  0e2b92e38d12b1ea592025453022a4f66870b744
- SHA256
  
  c8188b2333d7fda9b4edf4f51765eecbbc8e22f3d680d7dd7609ad688bfcd0c8
- SHA512
  
  8cf98e76ab56634cc4e45de1350a14228cefaeef94a4f3169df5ab9fd5fa579194952e27be1d53fd01d4c9b5f712ddbc933d8f5c7ea7dbab6533789dfd28e081
- SSDEEP
  
  3072:qm+5IxGJduiq3y6AV3uotGzfedw/7YygTAHaBMbXdb7petXpSpV519TZsMgUOVvj:PCd16y6AV3Dtsf+wDY3TAHaBMrdb7pep
Score

3^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

pyinstallercrealstealer

behavioral1

behavioral2

© 2018-2025

Terms | Privacy