General

  • Target

    NitroGen.exe

  • Size

    8.2MB

  • MD5

    15f03a4f7de9a8420c6024944e85e5ec

  • SHA1

    c0405dae61e53eb8fe2d6bbb900742302e0a5361

  • SHA256

    68f1fe10624256fef229a8dfcc775476b31f5ac796fa7346b06c210a164fc397

  • SHA512

    13b64292fc6a8d6a47e272b41ffedaf90994e255699ad26ed2931c8daed01d243e828059da12fff4defb0e0e5ac19e85af47a843afdfa81df2273c88a0ffe04f

  • SSDEEP

    196608:4ou78K/1+AdQmRJ8dA6l7aycBIGpEGo6hTOv+QKfgwHQhxMX96Z:5u7L/fdQusl29foWOv+9fgwH

Malware Config

Signatures

  • An infostealer written in Python and packaged with PyInstaller. 1 IoCs
  • Crealstealer family
  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • NitroGen.exe
    .exe windows:5 windows x64 arch:x64

    1e92fd54d65284238a0e3b74b2715062


  • Creal.pyc