General

  • Target

    Blank-Admin1.rar.exe

  • Size

    9.9MB

  • MD5

    a3c355791a32902bd88f5a42a284f104

  • SHA1

    c1efe9959317a7cb3fdc011ad07fa5e97e80910e

  • SHA256

    397dd6ecd93a3b4d896fcf3af189dcd51a98c6504c11639af6587aa017f3f607

  • SHA512

    fa07f2ab6255cc4e9e2a5020f6dbd5291aa07e92247c7ca7c0a92503afb4c446f721cfcbe9ee15509eeb0694e919523b3a55d5eb36df6d00f5a2e2cb2bbfcd67

  • SSDEEP

    196608:eVXGX180p6gdfRrxbAQvVwejuJDUX47dwdW0ZW9B/9Uujcsl16V1N5Mr:JXxfRrxNaUX47d4h69NjXsHy

Malware Config

Signatures

  • An infostealer written in Python and packaged with PyInstaller. 1 IoCs
  • Crealstealer family
  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Blank-Admin1.rar.exe
    .exe windows:5 windows x64 arch:x64

    1af6c885af093afc55142c2f1761dbe8

  • Creal.pyc