Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    fpsbooster.exe

  • Size

    10.6MB

  • MD5

    ae8472fb1d1cd4b552e713c496a8ea5c

  • SHA1

    974a150578fe2879b9f16c50d8c6ce722457d440

  • SHA256

    bb7bfe39f1aa1ec4ef6463630c97d5186de1a4593488f11f2ed2498b5a3f7597

  • SHA512

    f725e799abe0cf0f6a21968d06259f44f2efdfb170e1c59e06cc51806c7ecbf8d42c237ac693e5d03d67ab545dc8eab90835e753968d4559b792c297026f1fed

  • SSDEEP

    196608:kzEkobwrHLDuWJysVYvsOIroyMxxvjDDAxlfe6df/dHzmHZ3v9oxXTya+BuGPlsh:mEkomHmWJZoyMxtDDAxlfxdf/dHWZ3lO

Malware Config

Signatures

  • An infostealer written in Python and packaged with PyInstaller. 1 IoCs
  • Crealstealer family
  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • fpsbooster.exe
    .exe windows:5 windows x64 arch:x64

    1af6c885af093afc55142c2f1761dbe8


    Headers

    Imports

    Sections

  • creal.pyc