crealstealer | 38ae76715fa9a566a0e74f682b7dd9f588b54b263bea369429be49848ff0422c | Triage

Submit
Reports

Overview

overview

Static

static

VapeV4Cracked.exe

windows11-21h2-x64

7

Creal.pyc

windows11-21h2-x64

3

Sharing

General

Target

VapeV4Cracked.exe
Size

13.6MB
Sample

240210-wj8ebseg4t
MD5

a3c081e2912080dfdc6a9c981530b6f0
SHA1

4eeb04ea61ff6b829b8b52952d68584a1cdb6e69
SHA256

38ae76715fa9a566a0e74f682b7dd9f588b54b263bea369429be49848ff0422c
SHA512

c16e60520245030f3cb3f52266bf20295c2f020bebdc2416e51b0db87d931069e02b3c5f5a92bc83316136767eb055066bc8c34be8cf2a7061841be2cb64f291
SSDEEP

393216:/niIE7Yo5D2nwW+eGQRIMTozGxu8C0ibfz6e57K1bmXdWCNx+:/87r5DawW+e5R5oztZ026e5IkVN4

Score

10^/10

crealstealer pyinstaller spyware stealer

Static task

static1

pyinstaller crealstealer

4 signatures

Behavioral task

behavioral1

Sample

VapeV4Cracked.exe

Resource

win11-20231215-en

spyware stealer

windows11-21h2-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

Creal.pyc

Resource

win11-20231215-en

windows11-21h2-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  VapeV4Cracked.exe
- Size
  
  13.6MB
- MD5
  
  a3c081e2912080dfdc6a9c981530b6f0
- SHA1
  
  4eeb04ea61ff6b829b8b52952d68584a1cdb6e69
- SHA256
  
  38ae76715fa9a566a0e74f682b7dd9f588b54b263bea369429be49848ff0422c
- SHA512
  
  c16e60520245030f3cb3f52266bf20295c2f020bebdc2416e51b0db87d931069e02b3c5f5a92bc83316136767eb055066bc8c34be8cf2a7061841be2cb64f291
- SSDEEP
  
  393216:/niIE7Yo5D2nwW+eGQRIMTozGxu8C0ibfz6e57K1bmXdWCNx+:/87r5DawW+e5R5oztZ026e5IkVN4
Score

7^/10

spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1
- Target
  
  Creal.pyc
- Size
  
  267KB
- MD5
  
  1cb2bb24e94088c1c4dd68be1b49bcb9
- SHA1
  
  81f036fb053b2c8d849180f02c61789218cbf3fc
- SHA256
  
  e11c420ad1dba1dc19eb98775827ea5167ab830cdedc5e96fb9399ffe19810f7
- SHA512
  
  765be637621e47df99d503a567352dbe1b797d09f0cb6d649da5d4d0fbd3577173f4390b1979b2f390f6535f09b843829ae6f579ab05374622f5bf52ff638809
- SSDEEP
  
  3072:6g7MaNdUcd6rQ5Ap9ypIAXJzYmfiTNh3zDv80R4KTEI2EBqdb2w:SQUg605ApAzYmfiTNh3zDv8GT72EBE9
Score

3^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

pyinstallercrealstealer

behavioral1

behavioral2

© 2018-2025

Terms | Privacy