Overview

overview

7

Static

static

7

AgileDotNe...me.dll

windows10-2004-x64

1

ChangeLog.html

windows10-2004-x64

6

CraxsRat 3.9.1.exe

windows10-2004-x64

1

CraxsRat.exe.xml

windows10-2004-x64

1

DrakeUI.Framework.dll

windows10-2004-x64

1

GeoIPCitys.dll

windows10-2004-x64

1

LiveCharts...ms.dll

windows10-2004-x64

1

LiveCharts.Wpf.dll

windows10-2004-x64

1

LiveCharts.dll

windows10-2004-x64

1

LiveCharts...es.dll

windows10-2004-x64

3

LiveChartsRegion.dll

windows10-2004-x64

3

MetroSet UI.dll

windows10-2004-x64

1

NAudio.dll

windows10-2004-x64

1

System.IO....le.dll

windows10-2004-x64

1

System.IO....on.dll

windows10-2004-x64

1

Vip.Notification.dll

windows10-2004-x64

1

WinMM.Net.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    113s
  • max time network
    105s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30-04-2023 10:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CraxsRat 3.9.1.exe

  • Size

    58.5MB

  • MD5

    410b70652f923b6b3a22bd5adb9b1ff3

  • SHA1

    af026551f12a602d95216e74433233595455fabf

  • SHA256

    4803f54412bcfdb6563d7f5ceb1104c98137143099ec45aa9c4560d742d9c637

  • SHA512

    d06b46dd122704e56694fc3f08a2dc162a88ce79e6539ff71d011af3c9f2b8d0025add3d11c4c0175766f94594181a29abb8ad60f6b25e641acd70adc813d9cb

  • SSDEEP

    786432:4sof2F2PMGoB5RiWVZaBxDbWx0wwyk4YU4okJ4n+XPdMOMG15Ws+g/5t29B4UW6:SfSz7iWVZuMx0W8PLVMpW5WOMv4w

Score
1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CraxsRat 3.9.1.exe
    "C:\Users\Admin\AppData\Local\Temp\CraxsRat 3.9.1.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:1496

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1496-133-0x0000000000EE0000-0x000000000495A000-memory.dmp

    Filesize

    58.5MB

    Download

  • memory/1496-134-0x0000000005210000-0x000000000521C000-memory.dmp

    Filesize

    48KB

    Download

  • memory/1496-135-0x0000000005260000-0x000000000527C000-memory.dmp

    Filesize

    112KB

    Download

  • memory/1496-136-0x0000000005280000-0x00000000052AC000-memory.dmp

    Filesize

    176KB

    Download

  • memory/1496-137-0x0000000006BA0000-0x0000000006BDC000-memory.dmp

    Filesize

    240KB

    Download

  • memory/1496-138-0x0000000020C90000-0x0000000020CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1496-139-0x0000000020C90000-0x0000000020CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1496-140-0x0000000020C90000-0x0000000020CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1496-141-0x0000000020C90000-0x0000000020CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1496-142-0x0000000020C90000-0x0000000020CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1496-143-0x0000000020C90000-0x0000000020CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1496-144-0x0000000020E90000-0x0000000020EC6000-memory.dmp

    Filesize

    216KB

    Download

  • memory/1496-145-0x0000000022580000-0x0000000022726000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1496-146-0x0000000020C90000-0x0000000020CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1496-147-0x0000000020C90000-0x0000000020CA0000-memory.dmp

    Filesize

    64KB

    Download