crimsonrat | 09f7d02a3c2382199458c98a62b045145ee54ab6aba86166aecf3d10c3c1444c | Triage

Sharing

General

Target

09f7d02a3c2382199458c98a62b045145ee54ab6aba86166aecf3d10c3c1444c
Size

125KB
MD5

d8637bdbcfc9112fcb1f0167b398e771
SHA1

3135ba4f32052528bb0c8909fc2f954699d4a8fd
SHA256

09f7d02a3c2382199458c98a62b045145ee54ab6aba86166aecf3d10c3c1444c
SHA512

99e77185ff180b5de6a22e60071296c22b7faf708cd83a039a4de26557e2468f74fd611c1f33fa7fa0f9c42195bd9b6fddb21d35f5960b19f4bf22e7c821938b
SSDEEP

3072:zY5Bybw05jiUvRpjiUvR23ULW2M9EsnwpCSubiMyi+uZ:zY6VPzPHWF9rAbuZ

Score

10^/10

crimsonrat

Malware Config

Signatures

CrimsonRAT Main Payload 1 IoCs

resource	yara_rule
sample	family_crimsonrat

Crimsonrat family
crimsonrat

Files

09f7d02a3c2382199458c98a62b045145ee54ab6aba86166aecf3d10c3c1444c
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ