General

  • Target

    creal.zip

  • Size

    20.9MB

  • MD5

    ad4705fe0d5d2aaf215edfdd0be8d153

  • SHA1

    341907bc41e8afe711c71a1d09fb6da16f88613a

  • SHA256

    cc17096af8773e751303b8b0e50b0ef139f62856526f4638eea4ecbf8857a120

  • SHA512

    5135ad7f2881e8857a4e0a286aff75e3421e3f05812ff2c192f37668101ab5105f9d437cbc51c461621be775fbb1868b910ba944b5ee7a04b0d4606ae6bda823

  • SSDEEP

    393216:vHL0oylDtPoif1dSqju1bCvEUl/TCxusFdug1QtcryGKs43nerLMq:vr9y1tgUdtytCvHTCxusV1Wc2B53erQq

Signatures

  • An infostealer written in Python and packaged with PyInstaller. 1 IoCs
  • Crealstealer family
  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • creal.zip
    .zip
  • creal.exe
    .exe windows:5 windows x64 arch:x64

    1af6c885af093afc55142c2f1761dbe8


  • creal.pyc