crealstealer | a14f7a2392354079c2d0ad3f06df918dfbad709f9acdd0d74466f515d65ae186 | Triage

Submit
Reports

Overview

overview

Static

static

Fex Mta 1.6.exe

windows10-1703-x64

7

Resubmissions

09-03-2024 03:10

240309-dpgvfsch8z 10

09-03-2024 02:59

240309-dg1mlaca48 10

Sharing

General

Target

mtafexhack.rar
Size

15.0MB
Sample

240309-dpgvfsch8z
MD5

6285a9922a822d8a61e2fc946dfe4b85
SHA1

6899aa13c897b88361de92e707ac78298f00cf78
SHA256

a14f7a2392354079c2d0ad3f06df918dfbad709f9acdd0d74466f515d65ae186
SHA512

2d924b43686241d9e2346c7c2edbd5b5b8c0878be9c48ea277edc0ea6ae426910d586e0a57769abe9b5103fd8efd3fecc534c1b096dcd205c7840bfae10aca71
SSDEEP

393216:yKSkcVAMS3+ujfCgg1UG485Dt3xxJyHBKeiikt4ze663NvV:yvS3Rjy1P4QGBbUtxr3NN

Score

10^/10

crealstealer pyinstaller spyware stealer

Static task

static1

pyinstaller crealstealer

4 signatures

Behavioral task

behavioral1

Sample

Fex Mta 1.6.exe

Resource

win10-20240221-en

spyware stealer

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  Fex Mta 1.6.exe
- Size
  
  15.2MB
- MD5
  
  86bdf7a1dd011600ee2fb810eaea7c60
- SHA1
  
  75fc7df14ebffd5a9fa685d76143d5e5a7672ee1
- SHA256
  
  ffad3589cfbc63919114421db2d46cdb46b9129e920d8aaa9e96faa1282f3e8b
- SHA512
  
  02322b403997d686378274f646bbe2ff0dc1d69d5c7dd53f4d175b3c9b5646c57072a6d0c0c56efb6258ace276a43b816a110d50aa96b7614502ed5708b90169
- SSDEEP
  
  393216:3EkZQpdQuslSq99oWOv+9rzgVC2A75vm3:3hQpdQuSDorvSrMVC2Wv+
Score

7^/10

spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Process Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

pyinstallercrealstealer

behavioral1

© 2018-2024

Terms | Privacy