General

  • Target

    Creal.exe

  • Size

    17.2MB

  • MD5

    614c7d725cf644c402ab1676f1c9a1c2

  • SHA1

    47febcbbb37adab89106933f2c526ab65200c8f1

  • SHA256

    5c6d3424022fcf83f557a6ac1f16e524f26090b27c0285d892c479e4962c57d9

  • SHA512

    7238d36888bff3a41033fb67fadf29286f8ac2227a475127789e96eb381fc703c9cb22a98a5801451962046e4f56bb27b11c018ed245c499458bf0bc7aab544f

  • SSDEEP

    393216:PEkwAci2xY1+TtIiFg0VBSRW8E5u6bGaL6gIF4E5IXvCI9:PI+GY1QtI6YRW8IuyLeWE5IXqI9

Malware Config

Signatures

  • An infostealer written in Python and packaged with PyInstaller. 1 IoCs
  • Crealstealer family
  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Creal.exe
    .exe windows:6 windows x64 arch:x64

    456e8615ad4320c9f54e50319a19df9c


  • Creal.pyc