General

  • Target

    Creal.exe

  • Size

    17.2MB

  • MD5

    e970cf72226f88874600e25012891156

  • SHA1

    ff016a986557ec18fcf58200c400398eb7b14e4d

  • SHA256

    2cc5696a8a356753ef582bcf0b32b8b8f74dfa4290502355d63a0ff9e7e5539a

  • SHA512

    d3bd41f6e3906ac5d2dac689180963adabeb178b030593ab1d35cf2555c6b1516a6f3e79da31f18804d260bbe98fe53c52c47c0952326722c40d2c1c0986dcab

  • SSDEEP

    393216:FEkwAci2xY1+TtIiFg0VBSRW8E5u6bGaL6gIF4E5IXvCI9:FI+GY1QtI6YRW8IuyLeWE5IXqI9

Malware Config

Signatures

  • An infostealer written in Python and packaged with PyInstaller. 1 IoCs
  • Crealstealer family
  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Creal.exe
    .exe windows:6 windows x64 arch:x64

    456e8615ad4320c9f54e50319a19df9c



  • Creal.pyc