crimsonrat | be860e8882e334cd01f628e00d4e0379e7ee15468517737d3b1c984a7e4d94e8 | Triage

Submit
Reports

Overview

overview

Static

static

sonam karwati.exe

windows7_x64

sonam karwati.exe

windows10_x64

Sharing

General

Target

be860e8882e334cd01f628e00d4e0379e7ee15468517737d3b1c984a7e4d94e8
Size

137KB
Sample

220121-27sxfacgdl
MD5

7dc7542ff094feb25714bb365ecca3cb
SHA1

f3f6fdc6177367af3d627e6cf35e935f6b4ef3bd
SHA256

be860e8882e334cd01f628e00d4e0379e7ee15468517737d3b1c984a7e4d94e8
SHA512

bd1c5bb0dc2528b598a297f75404a26d26e5cc919f30fe57cc8f872b06cdecb1c96b15531d1569af1de88b7aa5b6c9e490054115678bf8b9d4bc34912c33f52c

Score

10^/10

crimsonrat rat

Static task

static1

Behavioral task

behavioral1

Sample

sonam karwati.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

sonam karwati.exe

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  sonam karwati.exe
- Size
  
  459KB
- MD5
  
  3e688904b05ccd7fcd6fb7cf5a210474
- SHA1
  
  910826a74d953346c59f780dd53d612c362fcbed
- SHA256
  
  936f2cc6458164daab71d9319cea87138f07b3845cc06ba37788c99ea5ff404a
- SHA512
  
  db9aacd1708a81a28b5d4b6031c2df737483189c00381f0b0d1d5df997e12cc5c750e608d76aafeebe0e8ea3f122c3a4a23458732c16ead6feaed797b3d678f2
Score

10^/10

crimsonrat rat
- CrimsonRAT Main Payload
- CrimsonRat
  Crimson RAT is a malware linked to a Pakistani-linked threat actor.
  rat crimsonrat
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy