crealstealer | 5cfc72e90d884f2902c17c860e3141dc4f33b5a18714f56a51b9df8198a60712 | Triage

Submit
Reports

Overview

overview

Static

static

ayo.exe

windows10-1703-x64

7

creal.pyc

windows10-1703-x64

3

Sharing

General

Target

ayo.exe
Size

16.0MB
Sample

240301-wbx9dsba86
MD5

627cc44e0f1f2ce6f5b5b2916d44f7e6
SHA1

a3e98f4ea558599c08e7cd53773abbe1abe53621
SHA256

5cfc72e90d884f2902c17c860e3141dc4f33b5a18714f56a51b9df8198a60712
SHA512

d766f5246e42593ead9153df86a75adbd480a782144a3ead573f0e0e96c788b1172d260df963ea374c279de4813af421997d75a76f53f2e571ef50599e3bb971
SSDEEP

393216:OEkMD3VSo03kiJo3W+eGQRCMTozGxu8C0ibfz6e57O1bmXiWCU:OUD3wo03kiu3W+e5RLoztZ026e5kFVU

Score

10^/10

crealstealer pyinstaller

Static task

static1

pyinstaller crealstealer

4 signatures

Behavioral task

behavioral1

Sample

ayo.exe

Resource

win10-20240221-en

windows10-1703-x64

3 signatures

1800 seconds

Behavioral task

behavioral2

Sample

creal.pyc

Resource

win10-20240221-en

windows10-1703-x64

11 signatures

1800 seconds

Malware Config

Targets

- Target
  
  ayo.exe
- Size
  
  16.0MB
- MD5
  
  627cc44e0f1f2ce6f5b5b2916d44f7e6
- SHA1
  
  a3e98f4ea558599c08e7cd53773abbe1abe53621
- SHA256
  
  5cfc72e90d884f2902c17c860e3141dc4f33b5a18714f56a51b9df8198a60712
- SHA512
  
  d766f5246e42593ead9153df86a75adbd480a782144a3ead573f0e0e96c788b1172d260df963ea374c279de4813af421997d75a76f53f2e571ef50599e3bb971
- SSDEEP
  
  393216:OEkMD3VSo03kiJo3W+eGQRCMTozGxu8C0ibfz6e57O1bmXiWCU:OUD3wo03kiu3W+e5RLoztZ026e5kFVU
Score

7^/10
- Loads dropped DLL
behavioral1
- Target
  
  creal.pyc
- Size
  
  66KB
- MD5
  
  e5d7c4cb17ed6eef9ccf7ae6c18fb76a
- SHA1
  
  0af9cce533aafc9b7884852f5c7c96109a27d678
- SHA256
  
  7e396b4b77af751baf10f8bba0612d7c98ef5ecd4875503d0f40b488e35adab5
- SHA512
  
  3b05c4d3ebd24f152edefab31076ca08cd1a1bf0cb61af4c2e803bfefdcd2ae639b3bb692e9be4425d0688a27055b495acb85d2fe07c65abcacd723fb697d40a
- SSDEEP
  
  1536:gSFwCG9FRrr493Bunl08ZZHX8FQmGw9rQJG:gYwCermunRX8viG
Score

3^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

pyinstallercrealstealer

behavioral1

behavioral2

© 2018-2024

Terms | Privacy