crimsonrat | bf6705b2148f8f49bfd231de2de8939ad4686f34c0e0f6db7168be3dd8269689 | Triage

Submit
Reports

Overview

overview

Static

static

cnic.exe

windows7_x64

cnic.exe

windows10_x64

Sharing

General

Target

bf6705b2148f8f49bfd231de2de8939ad4686f34c0e0f6db7168be3dd8269689
Size

225KB
Sample

220121-27n89acdh9
MD5

0b1ae06446f47749c65a7015829847d8
SHA1

ad59fee5f748ac50bf95b5e0f18a24dc98fd1ab6
SHA256

bf6705b2148f8f49bfd231de2de8939ad4686f34c0e0f6db7168be3dd8269689
SHA512

db370eaf44eae75f595ca19788e40984d14b3cc2588a67960f5dc50d62e164f2f85d531e0029d51bb6f17ab5cc8b4e2afb155be40513c340d70b693badd0dad2

Score

10^/10

crimsonrat rat

Static task

static1

Behavioral task

behavioral1

Sample

cnic.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

cnic.exe

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  cnic.exe
- Size
  
  1.1MB
- MD5
  
  d13d2599e21ec94b45320ec1ab7511de
- SHA1
  
  db0e8a599b37a4b462e380a2be3f0cbd3b8f2ca4
- SHA256
  
  706ca8e074ad04777a408b845ed56c1d675902cc2ef0aa6cca29430e967ba7af
- SHA512
  
  4982f4b3571878f011e4013558e523ee0a661b55b411b110f835c36bbe286421f7dfb998583efed60e03ae43c646a45574c2aaeb8cce7ef450f204bd4de284c9
Score

10^/10

crimsonrat rat
- CrimsonRAT Main Payload
- CrimsonRat
  Crimson RAT is a malware linked to a Pakistani-linked threat actor.
  rat crimsonrat
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy