Resubmissions

14-03-2024 19:27

240314-x57klach4v 7

14-03-2024 19:25

240314-x4822afa49 7

General

  • Target: creal.exe

  • Size: 16.2MB

  • Sample: 240314-x4822afa49

  • MD5: 8966c05a6d958d7d07abcbf07b8e21d3

  • SHA1: 3fb5cd9ef3893612a919ceaa988ccec3d7ee6fb2

  • SHA256: 7c7772a917e5a6f69d33de65a11debf826619a3f0cd92da0257cd5173980a5da

  • SHA512: 807a3300595002b027a32601054cc162b7b49fdeb1a8527fe17e74912b4f7f8bfca24b1b1d895172e7086500fe1709e792338c7ee7bd35b92d2d933188c7149d

  • SSDEEP: 393216:LCEkMD2gP8AxYD3W+eGQRCMTozGxu8C0ibfz6e57U1qX8WjIxda:LCUD2bXTW+e5RLoztZ026e56leIxda

Malware Config

Targets

    Score: 7/10

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks