Overview

overview

10

Static

static

10

creal.exe

windows7-x64

7

creal.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    19s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    06-02-2024 23:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    creal.exe

  • Size

    15.8MB

  • MD5

    0202d06ea52870cd5e8ae02c8bfa0157

  • SHA1

    74a4c486075684ef20805ee5c7a979e9925e3a7d

  • SHA256

    997bc2b7665781bc5162a4aa645b4afc4705e835a030ea4ef39b0189a7ccb3b7

  • SHA512

    17dc78e5e89947bf9fa0c576d642f9e5a40ca356bf7b34e8b224976a6b547f024c28f3f3e4be4837df54e4d049d63a75fa315eb230469058ad3ccc27905c5085

  • SSDEEP

    393216:koEkMD2ntpUTLfhJsW+eGQRCMTozGxu8C0ibfz6e57Y1bmXiWCUI:TUDaHUTLJSW+e5RLoztZ026e5WFVUI

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\creal.exe
    "C:\Users\Admin\AppData\Local\Temp\creal.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2164
    • C:\Users\Admin\AppData\Local\Temp\creal.exe
      "C:\Users\Admin\AppData\Local\Temp\creal.exe"
      2⤵
      • Loads dropped DLL
      PID:2792

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI21642\python312.dll
    Filesize

    4.6MB

    MD5

    f68863c11373d26b2c14a736b4c1e7ae

    SHA1

    4606a525fb31bf1dd3c75e8957d36be0361e6d44

    SHA256

    0bdc342ed0c6ece9fc74fb8f1eb7b09d6980215c14198571d9e6aa8958da6a8a

    SHA512

    6652b19227f9e2a561285a57929a351ae40949fbf5ae07f98cd0e7b2eb7488f5c6e6b0915a0a54bceccbb378b76338bf7c69a5e138987ad37b0fbfc65536206b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI21642\python312.dll
    Filesize

    1024KB

    MD5

    1121372fd7232cedadc4a8a6c912e127

    SHA1

    303d61179e60268b6a9fcc7dd8633d9ff573dcf3

    SHA256

    5ca63c76ee36472f507a3710f8df29ce1bb3c041b2af622ef29220dcc620dd7a

    SHA512

    404786bbe11bcc18d0168b1fe1351b6197af1af97f5e8fa6bfbdfc403addbe2c42cedf5803b3e5a9d43d71fbfd52b9f6e90a6abbb77b37bb31f3183a978d74cc

    Download Submit