General

  • Target

    KRNL-EXECUTOR-V12.exe

  • Size

    34.0MB

  • MD5

    89c00de85764ee1c7449523d965c0480

  • SHA1

    c41a457aa238a40866356a2a595a87cb4dbdc921

  • SHA256

    060393d7269b81f408676b7e1e573f5d9ccc5d1823462002745a954fb3ca221c

  • SHA512

    792798a0d3342bdd36a2e316c389fb0014a52d19eed620c4dd7a9fcd5b93fa6bdfd46d2576d4d726513e55483af6bbb870450f970d720613980fc2e9e4b43b32

  • SSDEEP

    196608:6zQstV/O0ZwbT/9bvLz3S1bA3zaSE2aJKo3EHi:attwbTlj3S1bOzXxa3gi

Score
10/10

Malware Config

Signatures

  • A stealer written in Python and packaged with PyInstaller (1 IoC)
  • Blankgrabber family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • KRNL-EXECUTOR-V12.exe
    .exe windows:5 windows x64 arch:x64

    1af6c885af093afc55142c2f1761dbe8


  • �B�>��.pyc