General

  • Target

    Hwid Checker.exe

  • Size

    13.2MB

  • MD5

    dc612bf57e8ad69f02e18c6c78ca9eda

  • SHA1

    aa2846f2ae32f804a959cb85ddeabff0d0158e38

  • SHA256

    5d71b143297178acf37fc0e057dce00600e71246735e40e0156cd22d9751a298

  • SHA512

    6c5223aa6d8f71114e346f7cea9f2f1b7fa8e534ba9ba0f37fcffd92c2883f8705c5b43fce8656673c9490d5a44aba659e69b61e31880b47250473a6b93923fe

  • SSDEEP

    393216:vEkMD2nwW+eGQRIMTozGxu8C0ibfz6e57G1bmXiWCUI:vUDawW+e5R5oztZ026e5sFVUI

Malware Config

Signatures

  • An infostealer written in Python and packaged with PyInstaller (1 IoC).
  • Crealstealer family
  • Detects PyInstaller (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Hwid Checker.exe
    .exe windows:5 windows x64 arch:x64

    1af6c885af093afc55142c2f1761dbe8


  • creal.pyc