Overview

overview

7

Static

static

7

AgileDotNe...me.dll

windows10-2004-x64

1

ChangeLog.html

windows10-2004-x64

1

CraxsRat 3.9.1.exe

windows10-2004-x64

1

CraxsRat.exe.xml

windows10-2004-x64

1

DrakeUI.Framework.dll

windows10-2004-x64

1

GeoIPCitys.dll

windows10-2004-x64

1

LiveCharts...ms.dll

windows10-2004-x64

1

LiveCharts.Wpf.dll

windows10-2004-x64

1

LiveCharts.dll

windows10-2004-x64

1

LiveCharts...es.dll

windows10-2004-x64

3

LiveChartsRegion.dll

windows10-2004-x64

3

MetroSet UI.dll

windows10-2004-x64

1

NAudio.dll

windows10-2004-x64

1

System.IO....le.dll

windows10-2004-x64

1

System.IO....on.dll

windows10-2004-x64

1

Vip.Notification.dll

windows10-2004-x64

1

WinMM.Net.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    61s
  • max time network
    67s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30-04-2023 03:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CraxsRat 3.9.1.exe

  • Size

    58.5MB

  • MD5

    410b70652f923b6b3a22bd5adb9b1ff3

  • SHA1

    af026551f12a602d95216e74433233595455fabf

  • SHA256

    4803f54412bcfdb6563d7f5ceb1104c98137143099ec45aa9c4560d742d9c637

  • SHA512

    d06b46dd122704e56694fc3f08a2dc162a88ce79e6539ff71d011af3c9f2b8d0025add3d11c4c0175766f94594181a29abb8ad60f6b25e641acd70adc813d9cb

  • SSDEEP

    786432:4sof2F2PMGoB5RiWVZaBxDbWx0wwyk4YU4okJ4n+XPdMOMG15Ws+g/5t29B4UW6:SfSz7iWVZuMx0W8PLVMpW5WOMv4w

Score
1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CraxsRat 3.9.1.exe
    "C:\Users\Admin\AppData\Local\Temp\CraxsRat 3.9.1.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:2564

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2564-133-0x0000000000500000-0x0000000003F7A000-memory.dmp
    Filesize

    58.5MB

    Download
  • memory/2564-134-0x000000001F680000-0x000000001F690000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2564-135-0x0000000006000000-0x000000000600C000-memory.dmp
    Filesize

    48KB

    Download
  • memory/2564-136-0x0000000006030000-0x000000000604C000-memory.dmp
    Filesize

    112KB

    Download
  • memory/2564-137-0x000000001F600000-0x000000001F62C000-memory.dmp
    Filesize

    176KB

    Download
  • memory/2564-138-0x000000001F630000-0x000000001F66C000-memory.dmp
    Filesize

    240KB

    Download
  • memory/2564-139-0x0000000020E10000-0x0000000020E46000-memory.dmp
    Filesize

    216KB

    Download
  • memory/2564-140-0x0000000021000000-0x00000000211A6000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2564-141-0x000000001F680000-0x000000001F690000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2564-142-0x000000001F680000-0x000000001F690000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2564-143-0x000000001F680000-0x000000001F690000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2564-144-0x000000001F680000-0x000000001F690000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2564-145-0x000000001F680000-0x000000001F690000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2564-146-0x000000001F680000-0x000000001F690000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2564-147-0x000000001F680000-0x000000001F690000-memory.dmp
    Filesize

    64KB

    Download