Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    EXT.exe

  • Size

    17.2MB

  • MD5

    cc6f02b774b0961ceb94a8a4834ca04a

  • SHA1

    13a71dda01a40c8c92c2414e88fa5fe5ad5e8f19

  • SHA256

    0b3fcce21c7df51cd88bbfb9de77e17bafd85e8614b30d2f7fcb90624fd2e8c7

  • SHA512

    f47882eebf1074940f7d8b2e236fc96feaa3aa5e143af77a1b98bdd57b65abcab42127830f0b65d42ffb63087e9e71503585d00e22dba645029d200c21573e8f

  • SSDEEP

    393216:nEk/+4uSQUJWQsUcR4NzQW+eGQRe9jo7BGeiGH1mzrwrFeOC3MALY:n3+RnUYQFIW+e5Re9M/swraLY

Malware Config

Signatures

  • An infostealer written in Python and packaged with PyInstaller. 1 IoCs
  • Crealstealer family
  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • EXT.exe
    .exe windows:5 windows x64 arch:x64

    f4f2e2b03fe5666a721620fcea3aea9b


    Headers

    Imports

    Sections

  • Creal.pyc