Extracted

• • Target

    567b82c892f10a5cc6d0286c5777e7462cec7182eba81db7dd7de53d1e8d3274

  • Size

    267KB

  • MD5

    f6dab5861b5907b39004712c58bbfb04

  • SHA1

    d5e8b77806150ba31efd82e05db7e678a3f52874

  • SHA256

    567b82c892f10a5cc6d0286c5777e7462cec7182eba81db7dd7de53d1e8d3274

  • SHA512

    b2dfc9ee64521d25a19e2867cf3446e06bde9c65988ff3e2924d8a8eee76f4553ba0cdc9e953f848d3c6a8e96d0d57874cb0df6fc94dc2402425d4634109e16c

  • SSDEEP

    3072:8Oym1KpUZdaR/HJaBOz2lnyHS29h5ueYQ:LymIIeHJLcGB

  Score

  10^/10

  crimsonratrat

  • CrimsonRAT main payload

  • CrimsonRat

    Crimson RAT is a malware linked to a Pakistani-linked threat actor.

    ratcrimsonrat

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  behavioral1behavioral2