General

  • Target

    creal.exe

  • Size

    9.2MB

  • MD5

    a3ddaf6391df2c44703918d3568249e8

  • SHA1

    9d7ec33affa350047d193dff351a434233562832

  • SHA256

    0a2f69730b92420810335622cadf896064cca4f72b80cbcec53ee2040386de9d

  • SHA512

    af606704328cb9acb3616b1a99e8fea525b4780f358db30b5a3f94166b10d89ec9a04a4f8742d869f5eb97d8ff1e88e4beee87351f28054d7f22a83bdf8c784d

  • SSDEEP

    196608:On5d31W903eV4QR7MToEuGxgh858F0ibfU36e7LSEYgABZbk9Ytlxz:2W+eGQR7MTozGxu8C0ibfY6eKkZ2z

Signatures

  • An infostealer written in Python and packaged with PyInstaller. (1 IoC)
  • Crealstealer family
  • Detects Pyinstaller (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • creal.exe
    .exe windows:5 windows x64 arch:x64

    1af6c885af093afc55142c2f1761dbe8



  • creal.pyc