General

  • Target

    SilverBullet 1.4.1 [Pro].zip

  • Size

    42.3MB

  • MD5

    919770fb7387818cf80cb79bb53bbb0c

  • SHA1

    fd8c22185f28d6585225295884cb1495dad44cdd

  • SHA256

    cf44f5c1dc5bfccb23436149f3de5f4292fc141a9ec7f5349c5e31b2b483c176

  • SHA512

    263081395c4239c5a6aeaae6903d97d7675e6d4875069d128b842074575e906cf255fb3394420b99a75243e70d4bbf35123801f4b26be29acaaaa74d27e4bcfb

  • SSDEEP

    786432:wTSVngzDC5rtFu4gUTg0NzoGQPTO1MJTKT9uoq7NbqklvyaoAH1Gftmmo0:LceFu32OPa1LqZmklq2oZ

Malware Config

Signatures

  • A stealer written in Python and packaged with PyInstaller. 1 IoCs
  • An infostealer written in Python and packaged with PyInstaller. 1 IoCs
  • Blankgrabber family
  • Crealstealer family
  • Detects PyInstaller 2 IoCs
  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

Files

  • SilverBullet 1.4.1 [Pro].zip
    .zip
  • SilverBulletPro.exe
    .exe windows:4 windows x64 arch:x64

    7182b1ea6f92adbf459a2c65d8d4dd9e


  • errorlog.exe
    .exe windows:6 windows x64 arch:x64

    78da59308ee0088a874b4a6cdd7d91bd


  • host.exe
    .exe windows:5 windows x64 arch:x64

    1af6c885af093afc55142c2f1761dbe8


    Code Sign

  • �&�MKm.pyc
  • x64/expections.exe
    .exe windows:5 windows x64 arch:x64

    1af6c885af093afc55142c2f1761dbe8


  • expections.pyc
  • x64/leptonica-1.82.0.dll
    .dll windows:6 windows x64 arch:x64

    66404742b0d36500e64e6193938c413c


  • x64/runtime.exe
    .exe windows:5 windows x64 arch:x64

    1af6c885af093afc55142c2f1761dbe8


  • creal.pyc
  • x64/tesseract53.dll
    .dll windows:6 windows x64 arch:x64

    59b3e7cb79d53a78d99c7a50568ec846

