Overview

overview

10

Static

static

11c45925b6...96.doc

windows7_x64

10

11c45925b6...96.doc

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    11c45925b64777eaa401a6c0f6a6f847fb80e82d8da8fdfe1156d28663fd9396

  • Size

    3.0MB

  • Sample

    220130-tw15nsebdj

  • MD5

    d851a1c634cd8a63d9dcf0db5b84b200

  • SHA1

    3208d7bc352771507837e075586e83216cc61be5

  • SHA256

    11c45925b64777eaa401a6c0f6a6f847fb80e82d8da8fdfe1156d28663fd9396

  • SHA512

    12444b6ade5beb5f658ade2553013eac17a8e766bf210e3914b0393ab2252752c89ca3c33705008916895d8ad070f8c8279d63e3eedb2323354c6c1d0a8a9a06

Score
10/10
crimsonratrat

Malware Config

Targets

    • Target

      11c45925b64777eaa401a6c0f6a6f847fb80e82d8da8fdfe1156d28663fd9396

    • Size

      3.0MB

    • MD5

      d851a1c634cd8a63d9dcf0db5b84b200

    • SHA1

      3208d7bc352771507837e075586e83216cc61be5

    • SHA256

      11c45925b64777eaa401a6c0f6a6f847fb80e82d8da8fdfe1156d28663fd9396

    • SHA512

      12444b6ade5beb5f658ade2553013eac17a8e766bf210e3914b0393ab2252752c89ca3c33705008916895d8ad070f8c8279d63e3eedb2323354c6c1d0a8a9a06

    Score
    10/10
    crimsonratrat

    • CrimsonRAT Main Payload

    • CrimsonRat

      Crimson RAT is a malware linked to a Pakistani-linked threat actor.

      ratcrimsonrat

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks