crimsonrat | 69f998bd67a5dbfd79bcc44f0cf2284ed61fac9bfaba3d3b4dfb19a57baa29c5 | Triage

Submit
Reports

Overview

overview

Static

static

69f998bd67...c5.doc

windows7_x64

69f998bd67...c5.doc

windows10_x64

Sharing

General

Target

69f998bd67a5dbfd79bcc44f0cf2284ed61fac9bfaba3d3b4dfb19a57baa29c5
Size

533KB
Sample

201212-nk43rgbfh2
MD5

41b70737fa8dda75d5e95c82699c2e9b
SHA1

cd3bb41346fdc37053dc6b5a83f2c77fe4e2c3bf
SHA256

69f998bd67a5dbfd79bcc44f0cf2284ed61fac9bfaba3d3b4dfb19a57baa29c5
SHA512

1ceac62694165f281846bf27ebd693c8368fc28e487961b01c369ad3276ea63e97766e07b419f4140ba42b24bc350818104534b5bcff9635097f06a866b3acab

Score

10^/10

crimsonrat rat

Static task

static1

Behavioral task

behavioral1

Sample

69f998bd67a5dbfd79bcc44f0cf2284ed61fac9bfaba3d3b4dfb19a57baa29c5.doc

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

69f998bd67a5dbfd79bcc44f0cf2284ed61fac9bfaba3d3b4dfb19a57baa29c5.doc

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  69f998bd67a5dbfd79bcc44f0cf2284ed61fac9bfaba3d3b4dfb19a57baa29c5
- Size
  
  533KB
- MD5
  
  41b70737fa8dda75d5e95c82699c2e9b
- SHA1
  
  cd3bb41346fdc37053dc6b5a83f2c77fe4e2c3bf
- SHA256
  
  69f998bd67a5dbfd79bcc44f0cf2284ed61fac9bfaba3d3b4dfb19a57baa29c5
- SHA512
  
  1ceac62694165f281846bf27ebd693c8368fc28e487961b01c369ad3276ea63e97766e07b419f4140ba42b24bc350818104534b5bcff9635097f06a866b3acab
Score

10^/10

crimsonrat rat
- CrimsonRAT Main Payload
- CrimsonRat
  Crimson RAT is a malware linked to a Pakistani-linked threat actor.
  rat crimsonrat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy