General

  • Target

    celex.rar

  • Size

    5.8MB

  • MD5

    5f5aa3bf313f8cab432b2185bbcfb286

  • SHA1

    a7a3d3b0ae66b17f0b492f293ccead4bd894c0d9

  • SHA256

    bc2e4f2883c1c8bcca9cad71f19c397897020efe2c84e3d28f4c496717cc6468

  • SHA512

    4b74a7041b1a5a73f26cb95763c65f20b9e8d4abf513e5c4e31c0bb0692f0e4cd9b215115104f170d1fa1744a5151329b2c9fdd3e08659cbf763e996ef7d899c

  • SSDEEP

    98304:7rABUAPlPKvZYGmBR5Dqih1I8XLwhy/ZQmgDsUeTS+4M7cN67+Y3IGF2g7SRVpIH:gpwvZsBR5mih1FLwhySc8+4M7cM+9Gv9

Score
10/10

Malware Config

Signatures

  • A stealer written in Python and packaged with PyInstaller (1 IoC)
  • Blankgrabber family
  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • celex.rar
    .rar
  • celex/README.txt
  • celex/crack.exe
    .exe windows:5 windows x64 arch:x64

    1af6c885af093afc55142c2f1761dbe8


  • G��x�.pyc
  • celex/runtime.dll
    .dll windows:6 windows x64 arch:x64


  • celex/user.json