Overview

overview

10

Static

static

10

Creal.exe

windows7-x64

7

Creal.exe

windows10-2004-x64

7

Resubmissions

07/01/2024, 17:46

240107-wcqwpsbedq 10

07/01/2024, 17:45

240107-wbsnxacdg6 10

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    07/01/2024, 17:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Creal.exe

  • Size

    13.2MB

  • MD5

    709bfa6c20f38aa909f80c0eca2d624c

  • SHA1

    48cef5ce3cdfbb9f3cddffb0647b2d80ced6ad13

  • SHA256

    2a332f209daa3b58df34483be1ac792f75f08d166e6c6f2f702538d17b5ef56b

  • SHA512

    5a53983304b62c6ab065cffce08e97231ea52f1ea51ca3eb4da06c884019f414a4781dd65d7205b02b6f45abb61c9c58f808ddde21d4fb5630625e445cc68da0

  • SSDEEP

    393216:dXGDn5nwW+eGQRIMTozGxu8C0ibfz6e575A8K5aWCuVl:d2DnRwW+e5R5oztZ026e5JxVuVl

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Creal.exe
    "C:\Users\Admin\AppData\Local\Temp\Creal.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1720
    • C:\Users\Admin\AppData\Local\Temp\Creal.exe
      "C:\Users\Admin\AppData\Local\Temp\Creal.exe"
      2⤵
      • Loads dropped DLL
      PID:2608

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI17202\python312.dll
    Filesize

    930KB

    MD5

    1a2b02fbeb88979528a7e1d9921676f9

    SHA1

    f4929970f1e68a2efaaf1643f735a4137f64f02f

    SHA256

    ef1471242f9c0332e3d193711cada95f394b7330b2284ae9049421db81e6779d

    SHA512

    fca481057643d2883ed00fb6884908388d31b99d352affa0227f212d066aaccab7ea539c39417c5ad997fd0544a0ee85553d25b800208c331ed8f782d7bb6fcb

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI17202\python312.dll
    Filesize

    1024KB

    MD5

    1121372fd7232cedadc4a8a6c912e127

    SHA1

    303d61179e60268b6a9fcc7dd8633d9ff573dcf3

    SHA256

    5ca63c76ee36472f507a3710f8df29ce1bb3c041b2af622ef29220dcc620dd7a

    SHA512

    404786bbe11bcc18d0168b1fe1351b6197af1af97f5e8fa6bfbdfc403addbe2c42cedf5803b3e5a9d43d71fbfd52b9f6e90a6abbb77b37bb31f3183a978d74cc

    Download Submit