crimsonrat | 152e296998d9376c13c0ea29d191e01622ddec754484b5eefd795989b8a44ab6 | Triage

Sharing

General

Target

152e296998d9376c13c0ea29d191e01622ddec754484b5eefd795989b8a44ab6
Size

9.1MB
MD5

0a561d6da39bd762f4c581f389c50da9
SHA1

e795959699fa692c55fe36668b50641a8714e874
SHA256

152e296998d9376c13c0ea29d191e01622ddec754484b5eefd795989b8a44ab6
SHA512

d755ff1fea465cb564265ff8595b91e354e6dcf2bb8b1875916e9dd0ece48e90bc0972fe2bf86c35f9011ecdb80b8bdaa2888e44f36d6d8168628d35fd8289b3
SSDEEP

384:AKrHVoKc5VnZcdSd5iDX/qRYexV18zbeI94ZzTTxNhLQOI/QxrNbSysknGJ7H9c:TVoKcNcgdPTfOwlkOICq5bn4bRU

Score

10^/10

crimsonrat

Malware Config

Signatures

CrimsonRAT Main Payload 1 IoCs

resource	yara_rule
sample	family_crimsonrat

Crimsonrat family
crimsonrat

Files

152e296998d9376c13c0ea29d191e01622ddec754484b5eefd795989b8a44ab6
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9.1MB - Virtual size: 9.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ