crealstealer | 89edb2f688a460aeae19112c94b0b598bf852b64382dd12dc7141fc94049d241 | Triage

Submit
Reports

Overview

overview

Static

static

forge-1.12...er.exe

windows10-2004-x64

7

creal.pyc

windows10-2004-x64

3

Sharing

General

Target

forge-1.12.2-48.1.0-installer.jar
Size

17.1MB
Sample

240222-x2qgxaeb3s
MD5

c0825198447dcf6f41a32978c04879f6
SHA1

24efd6fedf7e9b5a57870f9d7e52b9a84b9fe1aa
SHA256

89edb2f688a460aeae19112c94b0b598bf852b64382dd12dc7141fc94049d241
SHA512

a27cde3603284239b6c7956a1e96dca6b12e2d9e0f4b9e9d84948c2a0b29216412bcca644989446fe1a0a1b270b305b481c5c2ebd9e122ee8c8f7ec90e357bb9
SSDEEP

393216:sbu7L/sQDqjmu0DbMjdQuslSl99oWOv+9fY7qzj0Uf:SCL0QWKQdQu9DorvSA78Y

Score

10^/10

crealstealer pyinstaller

Static task

static1

pyinstaller crealstealer

4 signatures

Behavioral task

behavioral1

Sample

forge-1.12.2-48.1.0-installer.exe

Resource

win10v2004-20240221-en

windows10-2004-x64

4 signatures

1800 seconds

Behavioral task

behavioral2

Sample

creal.pyc

Resource

win10v2004-20240221-en

windows10-2004-x64

3 signatures

1800 seconds

Malware Config

Targets

- Target
  
  forge-1.12.2-48.1.0-installer.jar
- Size
  
  17.1MB
- MD5
  
  c0825198447dcf6f41a32978c04879f6
- SHA1
  
  24efd6fedf7e9b5a57870f9d7e52b9a84b9fe1aa
- SHA256
  
  89edb2f688a460aeae19112c94b0b598bf852b64382dd12dc7141fc94049d241
- SHA512
  
  a27cde3603284239b6c7956a1e96dca6b12e2d9e0f4b9e9d84948c2a0b29216412bcca644989446fe1a0a1b270b305b481c5c2ebd9e122ee8c8f7ec90e357bb9
- SSDEEP
  
  393216:sbu7L/sQDqjmu0DbMjdQuslSl99oWOv+9fY7qzj0Uf:SCL0QWKQdQu9DorvSA78Y
Score

7^/10
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1
- Target
  
  creal.pyc
- Size
  
  38KB
- MD5
  
  bc78afc60bbe285a465b2045545069a2
- SHA1
  
  6b7038b75ef9c7e0563c22baa940c250180a7072
- SHA256
  
  96e2c6c24145d4cfac354c3004e1b29452bb10aad74068c16e250bc52a090d33
- SHA512
  
  6428b579c36e203997c05633d677f7a980f98feb17c50d916b1bcc6cdf151658c6906cf25298cc9c0a642c0ff144bdd56b04b5f58f9ed3494e6f1bc148369cc6
- SSDEEP
  
  768:/Y8TsOi+SG//zQReyWHAoSRCiPn+w892qlX6J7de50AFrcEWH/BXpv034mpjqCAH:rHUgGwifM2jdeal3XpMomsCAC61
Score

3^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

pyinstallercrealstealer

behavioral1

behavioral2

© 2018-2025

Terms | Privacy