crealstealer | 66e5bf4b8e8687cf26e2b0fca0e85b10a93680e1e6f82256ccd4b8dabf5234c6 | Triage

Submit
Reports

Overview

overview

Static

static

Mc-Gen.exe

windows7-x64

7

Mc-Gen.exe

windows10-2004-x64

7

Sharing

General

Target

MC-Gen.zip
Size

14.1MB
Sample

240220-sjrvssah56
MD5

c20f8b5038b3abd090d3b2cbeffaf039
SHA1

e6c897ee163859ca5fe1b37b3f938bbe515087fe
SHA256

66e5bf4b8e8687cf26e2b0fca0e85b10a93680e1e6f82256ccd4b8dabf5234c6
SHA512

57f69c9cad3db53c6fc8259a42d1334f352d82919f5f0ddf9f0b48a1ff3de72e19aa5f437c2ccc5225d860affe97df6b63c91b8fa2eb7e5ee3b4de2ee6307715
SSDEEP

393216:TsPcWn1evole3u+MBELAJSH2p4Ls4QHZxFTXR:TsP3neole++MGLIp0s4MDR

Score

10^/10

crealstealer pyinstaller spyware stealer

Static task

static1

pyinstaller crealstealer

4 signatures

Behavioral task

behavioral1

Sample

Mc-Gen.exe

Resource

win7-20231215-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

Mc-Gen.exe

Resource

win10v2004-20231215-en

spyware stealer

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  Mc-Gen.exe
- Size
  
  14.3MB
- MD5
  
  5e17678827dab1a21e00558406819f23
- SHA1
  
  640c6b18840eda6b89f0fef1b890e672df61658b
- SHA256
  
  2f0938d6bd9306b7bd6b7a1367503c3c00206da7975d3e95ab2b1f39366e0234
- SHA512
  
  f228a7c2bfb5248ec5dd35dcfc1ba29ab8c86458f9fa467d3d5acd55547c408640c2bf5dc2c3df3bcdc93c80700676003bd2bf4a5278b512510655a6562d1aba
- SSDEEP
  
  393216:uu7L/sQs+SyzdInEroXF14S2rn8h+1AcYBf6B/:uCL0QdSyCErU8Lj1A16
Score

7^/10

spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

pyinstallercrealstealer

behavioral1

behavioral2

© 2018-2025

Terms | Privacy