General

  • Target

    reni-discord-rat.zip

  • Size

    16.4MB

  • MD5

    88b1dcb52381de7b1a4d22bdbaa965ca

  • SHA1

    e27fc20733c1b05cf233405b54c0c7ec1728a796

  • SHA256

    4541b6437ea08c7fa890b11d01dce587d7061a2c2c737c5daeed57721e71aa6a

  • SHA512

    ff671d2e434cea80187778fd27bb3a0017f62187078a6616401e096e4dd503e7dc6074e7ed61791789bb307449eb8c78553251af8f893dc56c01728fa90868bc

  • SSDEEP

    393216:Gj+CQE0xNJZEZwWUK7v5bo1HYkuyrZvH3p02ro:Gj+p3qZAK7poZUyN/yIo

Malware Config

Signatures

  • An infostealer written in Python and packaged with PyInstaller. (1 IoC)
  • Crealstealer family
  • Detects Pyinstaller (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • reni-discord-rat.zip
    .zip
  • reni-discord-rat/README.md
  • reni-discord-rat/Renicail.rar
    .rar
  • Renicail/READ ME.txt
  • Renicail/pass.txt
  • Renicail/renicail_menu.exe
    .exe windows:5 windows x64 arch:x64

    0b5552dccd9d0a834cea55c0c8fc05be



  • Creal.pyc
  • Renicail/requirements.txt