crealstealer | 5c85131e2b1d7373f9eb4a653e8bc47ee31a84915963048e2b0121d20720248c | Triage

Submit
Reports

Overview

overview

Static

static

Spoofer All.exe

windows11-21h2-x64

7

Sharing

General

Target

Spoofer All.exe
Size

13.4MB
Sample

240702-dcmvyatapa
MD5

bb3f51f46a185ccd1657b7895bbdf411
SHA1

1a1fd260e9257ac8fd9aab7929f16a1c081833ac
SHA256

5c85131e2b1d7373f9eb4a653e8bc47ee31a84915963048e2b0121d20720248c
SHA512

dc632fb8d1b5d7ad852cd3007478d185effb86f678b0adf7147493eeca97d7c9fb7ebe1fbdb1c7b3c2ae04deb331111fb94c96c97dedf51cb02f0096ecb88c23
SSDEEP

196608:rQWEkwAc7wuLIoBA1HeT39IigwE1ncKOVVtd97wghkiLtQGN+j0WHivHw4/:HEkwAcsIq1+TtIiFg0VBxwnS6bj936

Score

10^/10

crealstealer pyinstaller spyware stealer

Static task

static1

pyinstaller crealstealer

4 signatures

Behavioral task

behavioral1

Sample

Spoofer All.exe

Resource

win11-20240508-en

spyware stealer

windows11-21h2-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  Spoofer All.exe
- Size
  
  13.4MB
- MD5
  
  bb3f51f46a185ccd1657b7895bbdf411
- SHA1
  
  1a1fd260e9257ac8fd9aab7929f16a1c081833ac
- SHA256
  
  5c85131e2b1d7373f9eb4a653e8bc47ee31a84915963048e2b0121d20720248c
- SHA512
  
  dc632fb8d1b5d7ad852cd3007478d185effb86f678b0adf7147493eeca97d7c9fb7ebe1fbdb1c7b3c2ae04deb331111fb94c96c97dedf51cb02f0096ecb88c23
- SSDEEP
  
  196608:rQWEkwAc7wuLIoBA1HeT39IigwE1ncKOVVtd97wghkiLtQGN+j0WHivHw4/:HEkwAcsIq1+TtIiFg0VBxwnS6bj936
Score

7^/10

spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

pyinstallercrealstealer

behavioral1

© 2018-2025

Terms | Privacy