crealstealer | 41016a42eebba343a485e97334f5f1fd7d94e6ddf7dbc8942e15a62a39e227f1 | Triage

Submit
Reports

Overview

overview

Static

static

minecraftinjects.exe

windows10-2004-x64

7

Sharing

General

Target

minecraftinjects.exe
Size

15.9MB
Sample

240211-ybhj2sch28
MD5

b8fc1447b11d53d0fcb1ef709b5639bd
SHA1

b7d11bc55aa25fcb05bce3137c9b9b25a12dbcfe
SHA256

41016a42eebba343a485e97334f5f1fd7d94e6ddf7dbc8942e15a62a39e227f1
SHA512

61cdd424e15dc9408dc24dc1e00ae4015ba7cf60fe528654a223241359aa13403f85a0e808cc4f84b19b5a79ebf7169307735f0cb5d40491fc94b3c3acf3f06c
SSDEEP

393216:riIE7YoTgf8yntpUTLfhJe1+TtIiFGuvB5IjWqn6eCz14ypRXiWCQJ:Y7rTb+HUTLJE1QtIZS3ILn6edyaVQJ

Score

10^/10

crealstealer pyinstaller spyware stealer

Static task

static1

pyinstaller crealstealer

4 signatures

Behavioral task

behavioral1

Sample

minecraftinjects.exe

Resource

win10v2004-20231215-en

spyware stealer

windows10-2004-x64

9 signatures

30 seconds

Malware Config

Targets

- Target
  
  minecraftinjects.exe
- Size
  
  15.9MB
- MD5
  
  b8fc1447b11d53d0fcb1ef709b5639bd
- SHA1
  
  b7d11bc55aa25fcb05bce3137c9b9b25a12dbcfe
- SHA256
  
  41016a42eebba343a485e97334f5f1fd7d94e6ddf7dbc8942e15a62a39e227f1
- SHA512
  
  61cdd424e15dc9408dc24dc1e00ae4015ba7cf60fe528654a223241359aa13403f85a0e808cc4f84b19b5a79ebf7169307735f0cb5d40491fc94b3c3acf3f06c
- SSDEEP
  
  393216:riIE7YoTgf8yntpUTLfhJe1+TtIiFGuvB5IjWqn6eCz14ypRXiWCQJ:Y7rTb+HUTLJE1QtIZS3ILn6edyaVQJ
Score

7^/10

spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Process Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

pyinstallercrealstealer

behavioral1

© 2018-2025

Terms | Privacy