General

  • Target

    1ba7bedaaa3a81350a78cf579e625e879d6d68cef0f7ac8c55cc419798f380e1.exe

  • Size

    16.1MB

  • MD5

    017603b860f67f7f65f724e519465926

  • SHA1

    51b1924ec73969fc16e00c0e80597c07711cf866

  • SHA256

    1ba7bedaaa3a81350a78cf579e625e879d6d68cef0f7ac8c55cc419798f380e1

  • SHA512

    a695347bef5bdfdcd4adee43909b375828d89d48f78f88d443e4e19728ff82f2bfb5487ea80fbbbd9953394985bb0fdc935da734eb32220fb386d701f9bc3945

  • SSDEEP

    393216:29YiZM63hucsXMCHWUj/cuIbvR/PrK8Xms96YqZVo:29YiZt3hrsXMb8Ut/TKXlVo

Signatures

  • An infostealer written in Python and packaged with PyInstaller. 1 IoCs
  • Crealstealer family
  • Detects PyInstaller 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1ba7bedaaa3a81350a78cf579e625e879d6d68cef0f7ac8c55cc419798f380e1.exe
    .exe windows:6 windows x64 arch:x64

    72c4e339b7af8ab1ed2eb3821c98713a


  • Creal.pyc