Overview

overview

10

Static

static

8

2aa1607260...f0.xls

windows7_x64

10

2aa1607260...f0.xls

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2aa160726037e80384672e89968ab4d2bd3b7f5ca3dfa1b9c1ecc4d1647a63f0

  • Size

    422KB

  • Sample

    220130-s8jkqaebh4

  • MD5

    48476da4403243b342a166d8a6be7a3f

  • SHA1

    6e089605173097205a7906a796ad7c8315feba9c

  • SHA256

    2aa160726037e80384672e89968ab4d2bd3b7f5ca3dfa1b9c1ecc4d1647a63f0

  • SHA512

    1bb134eb6eaa1759fab21309cc527c98935f7af73625c07e7cf7e1837978d741c1f6d8a4df4dc9b81126e86aa59424dd3372ab16ddf31787e1bb8aa0a7658eef

Score
10/10
crimsonratmacromacro_on_actionrat

Malware Config

Targets

    • Target

      2aa160726037e80384672e89968ab4d2bd3b7f5ca3dfa1b9c1ecc4d1647a63f0

    • Size

      422KB

    • MD5

      48476da4403243b342a166d8a6be7a3f

    • SHA1

      6e089605173097205a7906a796ad7c8315feba9c

    • SHA256

      2aa160726037e80384672e89968ab4d2bd3b7f5ca3dfa1b9c1ecc4d1647a63f0

    • SHA512

      1bb134eb6eaa1759fab21309cc527c98935f7af73625c07e7cf7e1837978d741c1f6d8a4df4dc9b81126e86aa59424dd3372ab16ddf31787e1bb8aa0a7658eef

    Score
    10/10
    crimsonratrat

    • CrimsonRAT Main Payload

    • CrimsonRat

      Crimson RAT is a malware linked to a Pakistani-linked threat actor.

      ratcrimsonrat

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks