crimsonrat | 1259ddd540300dbec4d76b5909dad475fa56b3b1837b6c7097d9b42e28d3182c | Triage

Sharing

General

Target

1259ddd540300dbec4d76b5909dad475fa56b3b1837b6c7097d9b42e28d3182c
Size

9.6MB
MD5

c410ef1f5b0ca137ffd993b3569fac88
SHA1

3b3ad0394f467aca9f81ba7c574b04dc63d5b8e9
SHA256

1259ddd540300dbec4d76b5909dad475fa56b3b1837b6c7097d9b42e28d3182c
SHA512

48002ffdaf42069aeeed1584af940c03205510c0f3e589962b9e54aaf95ecfe217df6f2c7ee66e2a23e9fa66f709d5ea428ece5403056d1f35e6f631776e66be
SSDEEP

768:yJhjueZ+n6Z+hbmUcH7M73E3rkZbqc99IgIyZNVF:yJh057c473krkVqcPIgIyZNVF

Score

10^/10

crimsonrat

Malware Config

Signatures

CrimsonRAT Main Payload 1 IoCs

resource	yara_rule
sample	family_crimsonrat

Crimsonrat family
crimsonrat

Files

1259ddd540300dbec4d76b5909dad475fa56b3b1837b6c7097d9b42e28d3182c
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9.6MB - Virtual size: 9.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ