General

  • Target

    sploo.rar

  • Size

    5.9MB

  • MD5

    6795a57e477338a79fa1230fa58611a8

  • SHA1

    2612c6a6601be2cfbebc7a5445043a8b4f109f09

  • SHA256

    02d7e5052e4e2975846fa7be59598c6459f1af7a59a751909e0054ed23873556

  • SHA512

    1365ca547c20266829000402af73b0923686a4e0fdb81705955a1e2342d48882812170443175f5ca0f336b81f4b8ba5188db62cd81e6e10ae9579336195b1038

  • SSDEEP

    98304:kunIl1Fmriu/TpgS0HIGwVPoeIYphmY5QSAGNBPR3HezFFsuM5Ui:XIl1Ftu/fF8YpheSfT3Hgi

Score
10/10

Malware Config

Signatures

  • A stealer written in Python and packaged with PyInstaller (1 IoC)
  • Blankgrabber family

Files

  • sploo.rar
    .rar

    Password: blank.123

  • sploo/READ.txt
  • sploo/SplooSpoofer.exe
    .exe windows:6 windows x64 arch:x64

    Password: blank.123

    72c4e339b7af8ab1ed2eb3821c98713a



  • }}��؆Q.pyc
  • sploo/sploo.dll