crimsonrat | dfa54dc6c171740352006b7125219b1fd9cd1403be4a3440c1ad1acb1b42d37e | Triage

Submit
Reports

Overview

overview

Static

static

dfa54dc6c1...7e.exe

windows7_x64

dfa54dc6c1...7e.exe

windows10_x64

Sharing

General

Target

dfa54dc6c171740352006b7125219b1fd9cd1403be4a3440c1ad1acb1b42d37e
Size

387KB
Sample

220121-21dh6scddp
MD5

2a82b0c4a6d1e0b685e15ee159324c28
SHA1

1dd115a3b1e39dca45e07bf44d76bd3f83e624f5
SHA256

dfa54dc6c171740352006b7125219b1fd9cd1403be4a3440c1ad1acb1b42d37e
SHA512

e64676c84a3a7ff8c6a9129a5c9c8fe40ac0287f6c41fe94b3b609b01917d234a032bb19a0be737eabd968714dba38715a4e8016da6ba968f454a0969a4e0e37

Score

10^/10

crimsonrat rat

Static task

static1

Behavioral task

behavioral1

Sample

dfa54dc6c171740352006b7125219b1fd9cd1403be4a3440c1ad1acb1b42d37e.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

dfa54dc6c171740352006b7125219b1fd9cd1403be4a3440c1ad1acb1b42d37e.exe

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  dfa54dc6c171740352006b7125219b1fd9cd1403be4a3440c1ad1acb1b42d37e
- Size
  
  387KB
- MD5
  
  2a82b0c4a6d1e0b685e15ee159324c28
- SHA1
  
  1dd115a3b1e39dca45e07bf44d76bd3f83e624f5
- SHA256
  
  dfa54dc6c171740352006b7125219b1fd9cd1403be4a3440c1ad1acb1b42d37e
- SHA512
  
  e64676c84a3a7ff8c6a9129a5c9c8fe40ac0287f6c41fe94b3b609b01917d234a032bb19a0be737eabd968714dba38715a4e8016da6ba968f454a0969a4e0e37
Score

10^/10

crimsonrat rat
- CrimsonRAT Main Payload
- CrimsonRat
  Crimson RAT is a malware linked to a Pakistani-linked threat actor.
  rat crimsonrat
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy