crimsonrat | c388dfa6a1e1c861c8a2301644c985d9352c43b0a41604a4385ad1a4a88fdbd3 | Triage

Submit
Reports

Overview

overview

Static

static

8

my-social.docm

windows7_x64

my-social.docm

windows10_x64

Sharing

General

Target

c388dfa6a1e1c861c8a2301644c985d9352c43b0a41604a4385ad1a4a88fdbd3
Size

103KB
Sample

220121-26s6tacgaq
MD5

a3776e4d14b14cc42208c2396705d996
SHA1

df8b1d608602ccbee72fbdeffb0a7f35e90b0288
SHA256

c388dfa6a1e1c861c8a2301644c985d9352c43b0a41604a4385ad1a4a88fdbd3
SHA512

99dec1d2b42979b846b2e2a9e9f1217295418d6793813e3db2fa7f45923c248cc4f9348ee2a70cdd069090542e49311babb8dac1bc0cf231ca4d08bb4a26a683

Score

10^/10

crimsonrat macro rat

Static task

static1

Behavioral task

behavioral1

Sample

my-social.docm

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

my-social.docm

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  my-social.docm
- Size
  
  107KB
- MD5
  
  b0e7976f2e3dc8b7636462715740c00e
- SHA1
  
  de109f4be750fe0d7ed38300274d1e3b95e9c82a
- SHA256
  
  cd0c624ff748d78e41c851356fbc9cc6945b426f65f64df08c7648eecc88c481
- SHA512
  
  d76db5979eb9c2493a03298d4536b1be426a8d53710a520b0a33c7ec76bce3ed8118719d71885350331a5d371ad84a2e9947e39affb608eb2087ca1f69e9ea68
Score

10^/10

crimsonrat rat
- CrimsonRAT Main Payload
- CrimsonRat
  Crimson RAT is a malware linked to a Pakistani-linked threat actor.
  rat crimsonrat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy