crimsonrat | c160ee1a5ece22d04bc1368d2d36b4c143e0e33083da5cb0bdf56d872255cc9b | Triage

Sharing

General

Target

c160ee1a5ece22d04bc1368d2d36b4c143e0e33083da5cb0bdf56d872255cc9b
Size

108KB
MD5

463565ec38e4d790a89eb592435820e3
SHA1

10493cecd82d5d5ada7e1b3e661b9dca21a9781d
SHA256

c160ee1a5ece22d04bc1368d2d36b4c143e0e33083da5cb0bdf56d872255cc9b
SHA512

92a5f8bf8e7f4e2082ce894001e54da611f968c2cc6f3f1c476a901c031853e91a7701346018e7a6dafef03c651647d0da31f00fb6ac4594b47239d17993cdf6
SSDEEP

1536:NS1EZqt60DY1KJsBlTYA9VylLOjOTggJF2xwtStzypT8fNDm9B76Z9H/x/fhg6+:NS1EZqt6bmpum9BGZ9fx/Zb+

Score

10^/10

crimsonrat

Malware Config

Signatures

CrimsonRAT Main Payload 1 IoCs

resource	yara_rule
sample	family_crimsonrat

Crimsonrat family
crimsonrat

Files

c160ee1a5ece22d04bc1368d2d36b4c143e0e33083da5cb0bdf56d872255cc9b
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ