crimsonrat | d2c46e066ff7802cecfcb7cf3bab16e63827c326b051dc61452b896a673a6e67 | Triage

Sharing

General

Target

d2c46e066ff7802cecfcb7cf3bab16e63827c326b051dc61452b896a673a6e67
Size

9.6MB
MD5

a3a0750d74705d235b60556f1331ae9b
SHA1

2982a2c5de2fada0f41bf59fa57c372d34ccb15b
SHA256

d2c46e066ff7802cecfcb7cf3bab16e63827c326b051dc61452b896a673a6e67
SHA512

da2c27f191290ae03d43978dd762ee4cb72a235f300237ffbe7313ad698a1bd6e8d84c5efd0e715ddc1f7bc9d2dd10203c1828d0d8f802c4e07010fadb9561d7
SSDEEP

768:o5ed2ADwTsV0HFWMIbBWHjTydV0RfGYhzGc0lu/56S:oAdZDwT9H2ORfGYhPq6H

Score

10^/10

crimsonrat

Malware Config

Signatures

CrimsonRAT Main Payload 1 IoCs

Processes:

resource	yara_rule
sample	family_crimsonrat

Crimsonrat family
crimsonrat

Files

d2c46e066ff7802cecfcb7cf3bab16e63827c326b051dc61452b896a673a6e67
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9.6MB - Virtual size: 9.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ