Overview

overview

10

Static

static

8

dbb9168502...in.doc

windows7_x64

10

dbb9168502...in.doc

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dbb9168502e819619e94d9dc211d5f4967d8083ac5f4f67742b926abb04e6676.bin

  • Size

    790KB

  • Sample

    210401-76y84m3wce

  • MD5

    c7a3276763a5c1b13f93028aab5a6e73

  • SHA1

    c2844b69a36b3be37f8db97b0afc051f6bf36671

  • SHA256

    dbb9168502e819619e94d9dc211d5f4967d8083ac5f4f67742b926abb04e6676

  • SHA512

    2ef8d3eb3f1368591666d9f85dddb210c05fe16569f3553086f42d7b82133669c5a9e7fe1263407bb54bb9f75216ef9fcb78348427e334ef74afd6e3f429c01a

Score
10/10
crimsonratmacromacro_on_actionrat

Malware Config

Targets

    • Target

      dbb9168502e819619e94d9dc211d5f4967d8083ac5f4f67742b926abb04e6676.bin

    • Size

      790KB

    • MD5

      c7a3276763a5c1b13f93028aab5a6e73

    • SHA1

      c2844b69a36b3be37f8db97b0afc051f6bf36671

    • SHA256

      dbb9168502e819619e94d9dc211d5f4967d8083ac5f4f67742b926abb04e6676

    • SHA512

      2ef8d3eb3f1368591666d9f85dddb210c05fe16569f3553086f42d7b82133669c5a9e7fe1263407bb54bb9f75216ef9fcb78348427e334ef74afd6e3f429c01a

    Score
    10/10
    crimsonratrat

    • CrimsonRAT Main Payload

    • CrimsonRat

      Crimson RAT is a malware linked to a Pakistani-linked threat actor.

      ratcrimsonrat

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks