Overview

overview

7

Static

static

7

AgileDotNe...me.dll

windows10-2004-x64

1

ChangeLog.html

windows10-2004-x64

1

CraxsRat 3.9.1.exe

windows10-2004-x64

1

CraxsRat.exe.xml

windows10-2004-x64

1

DrakeUI.Framework.dll

windows10-2004-x64

1

GeoIPCitys.dll

windows10-2004-x64

1

LiveCharts...ms.dll

windows10-2004-x64

1

LiveCharts.Wpf.dll

windows10-2004-x64

1

LiveCharts.dll

windows10-2004-x64

1

LiveCharts...es.dll

windows10-2004-x64

3

LiveChartsRegion.dll

windows10-2004-x64

3

MetroSet UI.dll

windows10-2004-x64

1

NAudio.dll

windows10-2004-x64

1

System.IO....le.dll

windows10-2004-x64

1

System.IO....on.dll

windows10-2004-x64

1

Vip.Notification.dll

windows10-2004-x64

1

WinMM.Net.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    CraxsRat-V3.9.1.zip

  • Size

    64.8MB

  • MD5

    c9418260dcbed22f6221a64490dd1137

  • SHA1

    b595c2a509ba5075b838a4f73e981472072180a2

  • SHA256

    647eb6eaa239f8e109c3ad6ac9a92d4b25f05ee0ded5ef7717aea4e0b430adf3

  • SHA512

    7316fc83460f815ca013ad45c16431e7fec3308dc6d322bba1f8f917ffe5b8cfdac6c7f74016c3cefbc183fea0f132e5a395deb935d70a5ec803ff800947544c

  • SSDEEP

    786432:Usof2F2PMGoB5RiWVZaBxDbWx0wwyk4YU4okJ4n+XPdMOMG15Ws+g/5t29B4UW6i:2fSz7iWVZuMx0W8PLVMpW5WOMv4wi

Score
7/10
agilenet

Malware Config

Signatures

  • Obfuscated with Agile.Net obfuscator 3 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    agilenet
  • Unsigned PE 14 IoCs

    Checks for missing Authenticode signature.

Files

  • CraxsRat-V3.9.1.zip
    .zip
  • AgileDotNet.VMRuntime.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ChangeLog.html
  • CraxsRat 3.9.1.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • CraxsRat.exe.config
    .xml
  • CraxsRat.pdb
  • CraxsRat.xml
  • DrakeUI.Framework.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Errorlogs.txt
  • GeoIPCitys.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • LiveCharts.WinForms.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • LiveCharts.WinForms.pdb
  • LiveCharts.WinForms.xml
    .xml
  • LiveCharts.Wpf.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • LiveCharts.Wpf.pdb
  • LiveCharts.Wpf.xml
    .xml
  • LiveCharts.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • LiveCharts.pdb
  • LiveCharts.xml
    .xml
  • LiveChartsCountries.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Exports

    Sections

  • LiveChartsRegion.dll
    .dll windows x64

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Exports

    Sections

  • MetroSet UI.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • NAudio.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • System.IO.Compression.ZipFile.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • System.IO.Compression.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • Vip.Notification.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • WinMM.Net.dll
    .dll windows x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • World.xml