Overview

overview

10

Static

static

8

6078b55381...37.xls

windows7_x64

10

6078b55381...37.xls

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6078b55381e39779f915032533a93d725bab98982b303998fa8ba2ecfc675737

  • Size

    423KB

  • Sample

    220121-3sxgradhdq

  • MD5

    bce8a8ea8d47951abffeec38fbeeeef1

  • SHA1

    a43467a05a6116aa78b0e15f1aa7e6f72424c1c9

  • SHA256

    6078b55381e39779f915032533a93d725bab98982b303998fa8ba2ecfc675737

  • SHA512

    892f7afef5c50adab8db3b629dcf4fcfe9be7ae46f86f80ce32699d542a10b9fdff572713724559539db72fc5562ada87b08e8b80f428ae6c975b53b77c06a8f

Score
10/10
crimsonratmacromacro_on_actionrat

Malware Config

Targets

    • Target

      6078b55381e39779f915032533a93d725bab98982b303998fa8ba2ecfc675737

    • Size

      423KB

    • MD5

      bce8a8ea8d47951abffeec38fbeeeef1

    • SHA1

      a43467a05a6116aa78b0e15f1aa7e6f72424c1c9

    • SHA256

      6078b55381e39779f915032533a93d725bab98982b303998fa8ba2ecfc675737

    • SHA512

      892f7afef5c50adab8db3b629dcf4fcfe9be7ae46f86f80ce32699d542a10b9fdff572713724559539db72fc5562ada87b08e8b80f428ae6c975b53b77c06a8f

    Score
    10/10
    crimsonratrat

    • CrimsonRAT Main Payload

    • CrimsonRat

      Crimson RAT is a malware linked to a Pakistani-linked threat actor.

      ratcrimsonrat

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks