General

  • Target

    spoofer.rar

  • Size

    16.6MB

  • MD5

    35f5e7365a648275583afb62487d7fb7

  • SHA1

    ba52c0e6481e1fbe6fe850b9e6a17328461d9d08

  • SHA256

    86cdc5aac38ed2eba636fb2a70e384810f55590e8e6ca103a3e9099b58aa039e

  • SHA512

    dec01143f66b55e6fb274765faa30d4eb5de4b6eb9b3a2d7539b742109faebcc0dd8250ab1aeeffaa9b3c93b324443705a94b647a467a8b71bafa7debe52444d

  • SSDEEP

    393216:JJnQwt+A1IAe0QJ0ZtW8nbwC3uV89zOCsdTvdyVzmzsw:JCwQ3Ae0QJAt1nb33BhXsdTvEVzmzsw

Malware Config

Signatures

  • An infostealer written in Python and packaged with PyInstaller. 1 IoCs
  • Crealstealer family
  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • spoofer.rar
    .rar
  • spoofer/77d4b75d7cde4f43.exe
    .exe windows:5 windows x64 arch:x64

    1af6c885af093afc55142c2f1761dbe8


  • creal.pyc