Overview

overview

10

Static

static

10

creal.exe

windows7-x64

7

creal.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    15-03-2024 18:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    creal.exe

  • Size

    13.0MB

  • MD5

    b5249b2da6a0ca612cf45c36fdd25bb3

  • SHA1

    7e6e5c4d797faf82deed4b49fa6e9763028bed58

  • SHA256

    51d39a30b0eb8d498c9199efd41081e067f00770ecdfca3ed16318d9ae7c9e4d

  • SHA512

    770a4e7a07e53dc3d266e3f5db702a602f8562f730860e478ead1fc7f2b3d44f7cb005b10a8181a95471ab16258d85f8cfa31109c22c7bed2415d2acd90616ec

  • SSDEEP

    393216:Ru7L/povKmr2pu0tTtdQuslSl9DoWOv+9fqX8hXd:RCLRoKmr2puI5dQu9xorvSiMhX

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\creal.exe
    "C:\Users\Admin\AppData\Local\Temp\creal.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1184
    • C:\Users\Admin\AppData\Local\Temp\creal.exe
      "C:\Users\Admin\AppData\Local\Temp\creal.exe"
      2⤵
      • Loads dropped DLL
      • Suspicious behavior: GetForegroundWindowSpam
      PID:2468

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI11842\python310.dll
    Filesize

    3.8MB

    MD5

    4a304070e5d0108035adec0d52dded3f

    SHA1

    5bd996c3acdbdabc9bdbf8102f1664823dafe41f

    SHA256

    26adac665c0e4160813b9f91c0e8fe4c68791aa058089528d1cc57de2ec8a137

    SHA512

    de48ea1c2539ccd06010f751333db183ef25aaa26ddedda85701ff20e5c3aeb0699135db16c5c572d21e8e046e20693a18c6e8bd276b1e6c4ff78ad6015ba0ad

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI11842\python310.dll
    Filesize

    4.3MB

    MD5

    deaf0c0cc3369363b800d2e8e756a402

    SHA1

    3085778735dd8badad4e39df688139f4eed5f954

    SHA256

    156cf2b64dd0f4d9bdb346b654a11300d6e9e15a65ef69089923dafc1c71e33d

    SHA512

    5cac1d92af7ee18425b5ee8e7cd4e941a9ddffb4bc1c12bb8aeabeed09acec1ff0309abc41a2e0c8db101fee40724f8bfb27a78898128f8746c8fe01c1631989

    Download Submit