Overview

overview

10

Static

static

MoI Operat...on.exe

windows7_x64

10

MoI Operat...on.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e60ad9543b873569432bc05cbfc8dd0f72a618f26eb256f15048b820e151846e

  • Size

    162KB

  • Sample

    220121-2xcsgaccgq

  • MD5

    0c20ea537ec4bea669c2b504e63699fb

  • SHA1

    e9d68a73184d7b93783e33c39de329098f58ad71

  • SHA256

    e60ad9543b873569432bc05cbfc8dd0f72a618f26eb256f15048b820e151846e

  • SHA512

    3e4fe4087070c9b7c63eae36ad6c80b6fc3d3a629a3e3cfe9dc9af725931874810a84aa9dee00b1e588b492e3da77ea9b4d8e66ab3f280cc6bfe322b66d141fb

Score
10/10
crimsonratrat

Malware Config

Targets

    • Target

      MoI Operation/MoI Operation.exe

    • Size

      309KB

    • MD5

      2a2088cc646b984cb3d75d18c8708eb5

    • SHA1

      20ceef8731d905794c8d7a14f4ecf9fb5aa29e28

    • SHA256

      5a449782c6d286a5af7fd5cbab5d5d46dd4dd153cbc46e4aeae0ea54f2785980

    • SHA512

      cc23d711d756ca322786d0327b017af5e457b2ac144a03cdff9456164bd58e5dfa0b5ac6df02c9a3d7036cd82a29278eed055357e7080797673aaed95886de1d

    Score
    10/10
    crimsonratrat

    • CrimsonRAT Main Payload

    • CrimsonRat

      Crimson RAT is a malware linked to a Pakistani-linked threat actor.

      ratcrimsonrat

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks