crimsonrat | 93f33e4e9a732de665510aa5fdc565fc00bcf5e28101c5cc55b5b16f94288b8a | Triage

Submit
Reports

Overview

overview

Static

static

8

Guidelines.xlam

windows7_x64

Guidelines.xlam

windows10_x64

Sharing

General

Target

93f33e4e9a732de665510aa5fdc565fc00bcf5e28101c5cc55b5b16f94288b8a
Size

180KB
Sample

220130-a3vfxscgc3
MD5

adb4e3f7a2fe9170d7421413e6faf6a3
SHA1

ca1a4cbcf6940ab5f6384739df1ef7f4ef4d1e7d
SHA256

93f33e4e9a732de665510aa5fdc565fc00bcf5e28101c5cc55b5b16f94288b8a
SHA512

a415ad6f87e286b96a8e3ecff63f439c5b37afee1b9fadc196a7a10cc11507ca33d042330267e83e64d64291f6c149fb9ad92608d451e1cb99b773a0ff0b8c9a

Score

10^/10

crimsonrat macro rat

Static task

static1

Behavioral task

behavioral1

Sample

Guidelines.xlam

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Guidelines.xlam

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Guidelines.xlam
- Size
  
  127KB
- MD5
  
  e0f6bcdb71df502f7aefe22db8207a69
- SHA1
  
  9f7357219cbfb5b940d5809f8564a6bb821fa036
- SHA256
  
  0335de8eadbbd5dc7cbe92ef869bcea6f6596ac39a38680142c982ec6e97ecde
- SHA512
  
  ea9fc5fe2bcd8a225c7f7f7b8ea832e3d143278a07c6264edaf9476fb5e7852efdd9b3dbcde6e211ccb1e6d011b11845def65af58e9298a01b3067a05200d7cc
Score

10^/10

crimsonrat rat
- CrimsonRAT Main Payload
- CrimsonRat
  Crimson RAT is a malware linked to a Pakistani-linked threat actor.
  rat crimsonrat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy