General

  • Target

    477147271a54e32ef184030393f17c30d68d4aeb8bd6202a225e354f1800b279

  • Size

    220KB

  • Sample

    220418-j15csaffgk

  • MD5

    3829791a486b0b9ccb80ffcb7177c19c

  • SHA1

    63b775ca11d595d65b8dfa4215823e7cb98c55af

  • SHA256

    477147271a54e32ef184030393f17c30d68d4aeb8bd6202a225e354f1800b279

  • SHA512

    f1d6950caf18ae7b3f68c6cecded468a706a08ec6a33d6ea29d21f6d120badcb020ae89a3c0be2fadd64424cc931724dbda3b0bd0c4b23f161ab86bde57b4d66

Score
10/10

Malware Config

Targets

    • Target

      477147271a54e32ef184030393f17c30d68d4aeb8bd6202a225e354f1800b279

    • Size

      220KB

    • MD5

      3829791a486b0b9ccb80ffcb7177c19c

    • SHA1

      63b775ca11d595d65b8dfa4215823e7cb98c55af

    • SHA256

      477147271a54e32ef184030393f17c30d68d4aeb8bd6202a225e354f1800b279

    • SHA512

      f1d6950caf18ae7b3f68c6cecded468a706a08ec6a33d6ea29d21f6d120badcb020ae89a3c0be2fadd64424cc931724dbda3b0bd0c4b23f161ab86bde57b4d66

    Score
    10/10
    • CrimsonRAT Main Payload

    • CrimsonRat

      Crimson RAT is a malware linked to a Pakistani-linked threat actor.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v6

Tasks