Analysis Overview
SHA256
ee84f4b188c1c76e1b98ec4821ef90bb600a3ea89c2a84ee44a1f89712565a22
Threat Level: Known bad
The file ee84f4b188c1c76e1b98ec4821ef90bb600a3ea89c2a84ee44a1f89712565a22 was found to be: Known bad.
Malicious Activity Summary
CrimsonRAT Main Payload
Crimsonrat family
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2022-01-21 22:54
Signatures
CrimsonRAT Main Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Crimsonrat family
Analysis: behavioral1
Detonation Overview
Submitted
2022-01-21 22:54
Reported
2022-01-21 23:03
Platform
win7-en-20211208
Max time kernel
150s
Max time network
156s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\ee84f4b188c1c76e1b98ec4821ef90bb600a3ea89c2a84ee44a1f89712565a22.exe
"C:\Users\Admin\AppData\Local\Temp\ee84f4b188c1c76e1b98ec4821ef90bb600a3ea89c2a84ee44a1f89712565a22.exe"
Network
| Country | Destination | Domain | Proto |
| DE | 173.212.192.229:3364 | | tcp |
| DE | 173.212.192.229:8264 | | tcp |
| DE | 173.212.192.229:10262 | | tcp |
Files
memory/740-55-0x0000000000AE0000-0x0000000000AE2000-memory.dmp
memory/740-56-0x000007FEF2920000-0x000007FEF39B6000-memory.dmp
memory/740-57-0x0000000000AE6000-0x0000000000B05000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2022-01-21 22:54
Reported
2022-01-21 23:04
Platform
win10-en-20211208
Max time kernel
147s
Max time network
154s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\ee84f4b188c1c76e1b98ec4821ef90bb600a3ea89c2a84ee44a1f89712565a22.exe
"C:\Users\Admin\AppData\Local\Temp\ee84f4b188c1c76e1b98ec4821ef90bb600a3ea89c2a84ee44a1f89712565a22.exe"
Network
| Country | Destination | Domain | Proto |
| DE | 173.212.192.229:3364 | | tcp |
| DE | 173.212.192.229:8264 | | tcp |
| DE | 173.212.192.229:10262 | | tcp |
| DE | 173.212.192.229:14626 | | tcp |
Files
memory/2648-115-0x00000000037E0000-0x00000000037E2000-memory.dmp
memory/2648-116-0x00000000037E2000-0x00000000037E4000-memory.dmp