General

  • Target

    Creal.exe

  • Size

    16.6MB

  • MD5

    e2767fe88acabec342588239d37c71b5

  • SHA1

    1ee6db0ae4d58ce3a7ab40ece6e70fc56ab0f8cf

  • SHA256

    faace355a6f09b7e2ce35144ea523b253c34539b9b9016f17b74cc01bd0756cf

  • SHA512

    3549449356ec41608be4247cdb063273cb2bd0b26c904973baf5f3246a7dac03562987dd5146bbd479c17891d814528a009a1c2114deda10252a7b0cab1bc040

  • SSDEEP

    196608:3gLaAX+0kL4Czh+cBDzf4LBIP6k4FMIZETSrjPePdrQJFKbkBIsjwru+158aCETu:0xDkXzsszf490RQETSrvJUOOu+oES

Malware Config

Signatures

  • An infostealer written in Python and packaged with PyInstaller. 1 IoCs
  • Crealstealer family
  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Creal.exe
    .exe windows:6 windows x64 arch:x64

    72c4e339b7af8ab1ed2eb3821c98713a


  • Creal.pyc