crealstealer | f6787d31ffd66853f1c15c4b7de175a76e02b6fe36523ebf97e3622cf3111dc7 | Triage

Resubmissions

15-03-2024 16:58

240315-vg366ade8s 10

14-03-2024 21:29

240314-1bxebafg2y 10

Sharing

General

Target

Fight To The Death.exe
Size

13.0MB
Sample

240314-1bxebafg2y
MD5

a19cf172e3828f190e416be5ad28415f
SHA1

9f7232e5bf4dcc64348dce04be0db137cda306d4
SHA256

f6787d31ffd66853f1c15c4b7de175a76e02b6fe36523ebf97e3622cf3111dc7
SHA512

024ddde4ba83bccfb142feadda18db16025c57830ce8637f5682f9d896621a3a354e2287546f717c71bf00c6faa64edca8b480a41687c8c37dff67c7ab0c80d2
SSDEEP

393216:Wu7L/povKmr2pu0tTtdQuslSl9DoWOv+9fqX8hXd:WCLRoKmr2puI5dQu9xorvSiMhX

Score

10^/10

crealstealer pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  Fight To The Death.exe
- Size
  
  13.0MB
- MD5
  
  a19cf172e3828f190e416be5ad28415f
- SHA1
  
  9f7232e5bf4dcc64348dce04be0db137cda306d4
- SHA256
  
  f6787d31ffd66853f1c15c4b7de175a76e02b6fe36523ebf97e3622cf3111dc7
- SHA512
  
  024ddde4ba83bccfb142feadda18db16025c57830ce8637f5682f9d896621a3a354e2287546f717c71bf00c6faa64edca8b480a41687c8c37dff67c7ab0c80d2
- SSDEEP
  
  393216:Wu7L/povKmr2pu0tTtdQuslSl9DoWOv+9fqX8hXd:WCLRoKmr2puI5dQu9xorvSiMhX
Score

7^/10

spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2
- Target
  
  creal.pyc
- Size
  
  32KB
- MD5
  
  686377a51e2d22fc749548894f57830e
- SHA1
  
  6c182815705ce635827e3c61a475743c8bb255c0
- SHA256
  
  e22abb31b07bf5fc19806087f3c921738fba5a9ce7c0ec190f83e5f3d77bfd79
- SHA512
  
  5710d83f8715d6e262e9352e8e8d25b719f01481c56a5017940936d7c5040cb05a5d73b7f56d849abb3164bf840317d6e5908742eeed601ac3a82788bf5fca85
- SSDEEP
  
  768:L8DnrjC2VsfNEiyAuAfKFMrRtfqtvEwS7bnjerAroaHjsIAvN8YC06X:IjrjQe3aKFcfDwS7fuPviYD6X
Score

3^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Process Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

pyinstallercrealstealer

behavioral1

behavioral2

behavioral3

behavioral4