crealstealer | 22442d487765e55be893d7b769b48bdcc193d537aada4435954d6cbdb0563d86 | Triage

Submit
Reports

Overview

overview

Static

static

StudioApp.exe

windows7-x64

7

StudioApp.exe

windows10-2004-x64

7

Sharing

General

Target

StudioApp.exe
Size

14.6MB
Sample

240202-gdr3tshdcr
MD5

ea6ab30812126ed8f703ecabe9f89f00
SHA1

6ca5fc27c598eef84065518e7a649dfe9c1c76a2
SHA256

22442d487765e55be893d7b769b48bdcc193d537aada4435954d6cbdb0563d86
SHA512

117b72096463a6a15ff654a36de4f9024cf494a466b4c0fc3ea867f9614c13c98913efcecc2fe690acd6fe006b5517b787570fa3214c7d3313b8a468876a07de
SSDEEP

393216:9kiIE7YoPQJidQuslSq99oWOv+9fg5SE70AQw:997rPQwdQuSDorvSY5S5At

Score

10^/10

crealstealer pyinstaller spyware stealer

Static task

static1

pyinstaller crealstealer

4 signatures

Behavioral task

behavioral1

Sample

StudioApp.exe

Resource

win7-20231215-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

StudioApp.exe

Resource

win10v2004-20231215-en

spyware stealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  StudioApp.exe
- Size
  
  14.6MB
- MD5
  
  ea6ab30812126ed8f703ecabe9f89f00
- SHA1
  
  6ca5fc27c598eef84065518e7a649dfe9c1c76a2
- SHA256
  
  22442d487765e55be893d7b769b48bdcc193d537aada4435954d6cbdb0563d86
- SHA512
  
  117b72096463a6a15ff654a36de4f9024cf494a466b4c0fc3ea867f9614c13c98913efcecc2fe690acd6fe006b5517b787570fa3214c7d3313b8a468876a07de
- SSDEEP
  
  393216:9kiIE7YoPQJidQuslSq99oWOv+9fg5SE70AQw:997rPQwdQuSDorvSY5S5At
Score

7^/10

spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Process Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

pyinstallercrealstealer

behavioral1

behavioral2

© 2018-2025

Terms | Privacy