crimsonrat | 0172bec4d945add9f12ce4d7d23f0e0da1ced677e89bfc132b000d444876cb41 | Triage

Submit
Reports

Overview

overview

Static

static

8

0172bec4d9...41.doc

windows7_x64

0172bec4d9...41.doc

windows10_x64

Sharing

General

Target

0172bec4d945add9f12ce4d7d23f0e0da1ced677e89bfc132b000d444876cb41
Size

566KB
Sample

220130-vba87afea7
MD5

cbfae579a25df1e2fe0e02934efd65dc
SHA1

54c987ddc4e08defe2cee3882a2b729d55aef3ce
SHA256

0172bec4d945add9f12ce4d7d23f0e0da1ced677e89bfc132b000d444876cb41
SHA512

d9df94d65771ac9a136f30bd4d8fc359bda057ea92a4da476f38df2976460a55b3afdb445ff873f71b34ed43f6b0954f0e16e202ff48f59e47bc36b1e736eb9f

Score

10^/10

crimsonrat macro macro_on_action rat

Static task

static1

macro macro_on_action

Behavioral task

behavioral1

Sample

0172bec4d945add9f12ce4d7d23f0e0da1ced677e89bfc132b000d444876cb41.doc

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0172bec4d945add9f12ce4d7d23f0e0da1ced677e89bfc132b000d444876cb41.doc

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0172bec4d945add9f12ce4d7d23f0e0da1ced677e89bfc132b000d444876cb41
- Size
  
  566KB
- MD5
  
  cbfae579a25df1e2fe0e02934efd65dc
- SHA1
  
  54c987ddc4e08defe2cee3882a2b729d55aef3ce
- SHA256
  
  0172bec4d945add9f12ce4d7d23f0e0da1ced677e89bfc132b000d444876cb41
- SHA512
  
  d9df94d65771ac9a136f30bd4d8fc359bda057ea92a4da476f38df2976460a55b3afdb445ff873f71b34ed43f6b0954f0e16e202ff48f59e47bc36b1e736eb9f
Score

10^/10

crimsonrat rat
- CrimsonRAT Main Payload
- CrimsonRat
  Crimson RAT is a malware linked to a Pakistani-linked threat actor.
  rat crimsonrat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

macromacro_on_action

behavioral1

behavioral2

© 2018-2024

Terms | Privacy