Overview

overview

10

Static

static

10

Creal-Stea...er.bat

windows11-21h2-x64

1

Creal-Stea...eal.py

windows11-21h2-x64

3

Creal-Stea...ll.bat

windows11-21h2-x64

1

Analysis

  • max time kernel
    11s
  • max time network
    21s
  • platform
    windows11-21h2_x64
  • resource
    win11-20231215-en
  • resource tags

    arch:x64arch:x86image:win11-20231215-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    19-01-2024 15:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Creal-Stealer-main/builder.bat

  • Size

    57B

  • MD5

    c856a1995fa86d5bf3dde2a2de732d93

  • SHA1

    21de21d0ea29ffb9f3061b5d81116408dd228cb8

  • SHA256

    23fb3df8dca77c02ab3d76013b6e12a2a1fda1a93ef675211c77df9ec6ce39bd

  • SHA512

    793fb9e4d8b146a4e8d6e0dfa2d756ade17143420215f6b10646758bff39df964f6fa29761b4c6755dac7d1f8aea81152ac615d5b91bcea6018f997d0ecb5715

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\Creal-Stealer-main\builder.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2872
    • C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.42251.0_x64__8wekyb3d8bbwe\AppInstallerPythonRedirector.exe
      python builder.pyw
      2⤵
        PID:2600

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads