Overview

overview

8

Static

static

1

URLScan

urlscan

https://github.com/d...

windows7-x64

1

https://github.com/d...

windows10-1703-x64

8

https://github.com/d...

windows10-2004-x64

5

Resubmissions

29-04-2024 05:30

240429-f7dxmabg58 10

29-04-2024 05:26

240429-f4wchabf96 8

20-04-2024 15:56

240420-tdbgascb67 10

19-04-2024 21:04

240419-zwwsvafe74 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://github.com/davon21121/krampus-cracked/blob/main/celex.exe

  • Sample

    240429-f4wchabf96

Score
8/10
pyinstallerspywarestealer

Malware Config

Targets

    • Target

      https://github.com/davon21121/krampus-cracked/blob/main/celex.exe

    Score
    8/10
    pyinstallerspywarestealer

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops desktop.ini file(s)

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v15

Tasks