General

  • Target

    f77205a9238a123b74b764be6e2132777e1f3eda9c515f31219387c45629e3ea

  • Size

    129KB

  • Sample

    230221-jag5kafh3w

  • MD5

    d6cf93b031f2e3b8758c41f5ce665a1f

  • SHA1

    dd3040f2b246bf729de40573721442d8efd4e070

  • SHA256

    f77205a9238a123b74b764be6e2132777e1f3eda9c515f31219387c45629e3ea

  • SHA512

    1e118d5bf9c18286c7005670d3212f042d32e18004d7e5b7840380490df2fe73e3e59dcabbd6cf90e1d95357e548a3f3aee05cff895af93415e0bc69e00d3680

  • SSDEEP

    3072:FyZLYyIKIfKTzY+J4WRyasXGcSOv+zb4coB168mOKIGuH+dyRwKyR7Ep:FMLNWK/Y24WK2cbv+ol03K+qwHY

Score
10/10

Malware Config

Extracted

Family

crimsonrat

C2

172.245.80.12

Targets

    • Target

      f77205a9238a123b74b764be6e2132777e1f3eda9c515f31219387c45629e3ea

    • Size

      129KB

    • MD5

      d6cf93b031f2e3b8758c41f5ce665a1f

    • SHA1

      dd3040f2b246bf729de40573721442d8efd4e070

    • SHA256

      f77205a9238a123b74b764be6e2132777e1f3eda9c515f31219387c45629e3ea

    • SHA512

      1e118d5bf9c18286c7005670d3212f042d32e18004d7e5b7840380490df2fe73e3e59dcabbd6cf90e1d95357e548a3f3aee05cff895af93415e0bc69e00d3680

    • SSDEEP

      3072:FyZLYyIKIfKTzY+J4WRyasXGcSOv+zb4coB168mOKIGuH+dyRwKyR7Ep:FMLNWK/Y24WK2cbv+ol03K+qwHY

    Score
    10/10
    • CrimsonRat

      Crimson RAT is a malware linked to a Pakistani-linked threat actor.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v6

Tasks