Overview

overview

10

Static

static

8

cd0c624ff7...1.docm

windows7_x64

10

cd0c624ff7...1.docm

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cd0c624ff748d78e41c851356fbc9cc6945b426f65f64df08c7648eecc88c481

  • Size

    107KB

  • Sample

    220121-26l3hacgak

  • MD5

    b0e7976f2e3dc8b7636462715740c00e

  • SHA1

    de109f4be750fe0d7ed38300274d1e3b95e9c82a

  • SHA256

    cd0c624ff748d78e41c851356fbc9cc6945b426f65f64df08c7648eecc88c481

  • SHA512

    d76db5979eb9c2493a03298d4536b1be426a8d53710a520b0a33c7ec76bce3ed8118719d71885350331a5d371ad84a2e9947e39affb608eb2087ca1f69e9ea68

Score
10/10
crimsonratmacrorat

Malware Config

Targets

    • Target

      cd0c624ff748d78e41c851356fbc9cc6945b426f65f64df08c7648eecc88c481

    • Size

      107KB

    • MD5

      b0e7976f2e3dc8b7636462715740c00e

    • SHA1

      de109f4be750fe0d7ed38300274d1e3b95e9c82a

    • SHA256

      cd0c624ff748d78e41c851356fbc9cc6945b426f65f64df08c7648eecc88c481

    • SHA512

      d76db5979eb9c2493a03298d4536b1be426a8d53710a520b0a33c7ec76bce3ed8118719d71885350331a5d371ad84a2e9947e39affb608eb2087ca1f69e9ea68

    Score
    10/10
    crimsonratrat

    • CrimsonRAT Main Payload

    • CrimsonRat

      Crimson RAT is a malware linked to a Pakistani-linked threat actor.

      ratcrimsonrat

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks