General

  • Target

    creal.exe

  • Size

    13.1MB

  • MD5

    1037b622405037d28238b5e189babb37

  • SHA1

    03dc2257f02ff9f080e0af7c426aa01da7cd2b88

  • SHA256

    88f24437bea9f7828a404947fb5875feb3eccd94ee705067d2969f6bca5ca4c3

  • SHA512

    a21fd47f11cde04c6764e7bfd3573021c55ec5a64853bcd09348fbbca99a552147248bd45d234de328f452d7a32c6421328ac34ebae50f77df15925fe135f844

  • SSDEEP

    393216:AEk0DnonwW+eGQRIMTozGxu8C0ibfY6e5ZUt8S53WkaVcD:AMDnMwW+e5R5oztZ0R6e5ZBULaVcD

Malware Config

Signatures

  • An infostealer written in Python and packaged with PyInstaller. 1 IoCs
  • Crealstealer family
  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • creal.exe
    .exe windows:5 windows x64 arch:x64

    1af6c885af093afc55142c2f1761dbe8


    Headers

    Imports

    Sections

  • creal.pyc