0a06fb2cbb200a1ab76de4b4e5fe2284932b0c65707ab304921ea2d739ea90da

Sharing

Copy URL

Twitter E-mail

General

Target

CraxsRat v4.5.3 clean.zip
Size

58.3MB
Sample

230505-2ymn3ahc7w
MD5

218552a77da64889f279c1c49736f8e8
SHA1

63512bcc1e63a345c534a708c3ceace33868e9b7
SHA256

0a06fb2cbb200a1ab76de4b4e5fe2284932b0c65707ab304921ea2d739ea90da
SHA512

f5a932d4596552b2a866cf0fe75f8408a60b0e6d34b47d4a9413f06d90489ff9476d915c109df973b57bf0340cde4ab4cebb2faeb7ce851844505af8cf87877d
SSDEEP

1572864:lXteW9rl1rsR6PyezygmS84sNjDEZTRtAO7oy2p+hkv:/v9xc6PoghLAjQF7KpH

Score

7^/10

agilenet

Malware Config

Targets

- Target
  
  Accord.Video.FFMPEG.x64.dll
- Size
  
  145KB
- MD5
  
  79b695ad7273ef66a1415e78c656c906
- SHA1
  
  3577da49ffc99313355230245c3d35de036b6bc8
- SHA256
  
  3f524d6a8504703ea72912af1e3ce564e3fa7c1d80f3f4e62cd51d0595898837
- SHA512
  
  5e9197b5690219a7742c99ac9d2b547d656d97420e40a145a9c3eff217744483e24be376b4dbc5feae12b0bea16bfc1eec3bb706bf27c67b177ca720cab391a3
- SSDEEP
  
  1536:oT2yx58FhUZyEJcneAvkI5bXOEgiDMKhyD5dhhRY1/PTVlToJiNZtB/9mqZCV:obj8FhoyGeePounD5dhhGV7NZtfmqAV
Score

1^/10
behavioral1
- Target
  
  Accord.Video.dll
- Size
  
  40KB
- MD5
  
  1ae7635c84d07b15b270370fd95c08ac
- SHA1
  
  fb9d47dd0f9967b7f7f604322007eb0c83406e4e
- SHA256
  
  1ddbc49df553ca39db447db3bdfa97c0ec081bde7f515755ef4ad3a05e95df82
- SHA512
  
  f43e7f9f6b8f80578030f52e65af49dbcdd41a4e5246369c00c14621db6f660224bf64f9d2f2a2cdc13d58b92ab4b877a5b8a582bf7b2be2c2320c71a3ba006d
- SSDEEP
  
  768:R0TBhYgp1R0IMs1B03kP7LLLLmhFIXRoPnu:R0v1xDv1B0ne
Score

1^/10
behavioral2
- Target
  
  Accord.dll
- Size
  
  128KB
- MD5
  
  585e55a96f52a550c6a6ec7859996b6e
- SHA1
  
  07f6112f3380eee1f349732b890a7757e9018fca
- SHA256
  
  67a1977a211dd33752c7e6fcafb1e6ab61b6f26f529b1373e54d1ca512ada858
- SHA512
  
  92f8b38f50c3b84fa8558b68bed62891bb508ac208a500cf18fb586e12adc37a70f3a7ee71d7a656be188b0ab3eedbd944313dcab5e7d0c06f543c98331d40dc
- SSDEEP
  
  1536:288phvO4o++aI12Mo4BOtbF4kDDV2LYWm2aIp4EBVJo7Je4Hjs1IdtdUCIw7:288phvO5aI12Mo4EF/JEBSJFDiIdYdm
Score

1^/10
behavioral3
- Target
  
  ChangeLog.html
- Size
  
  9KB
- MD5
  
  de572d533b2a702fe81399f7c2429802
- SHA1
  
  8d797a4db53fe869d8ccd2f8ade55cfbad1e0186
- SHA256
  
  0f9258bf7e2191d6373dfece501b0bbd64811cec5c82d6b56e31adc371eb5d08
- SHA512
  
  4abd5444a0c1737be3c2c176ef98060dbe0cfc81d9e0b9b1ba657cb75c6edc9b8d7ea7edb718c98d53324680132049ddee0602da0ff9ae2847a36ffc4da0d543
- SSDEEP
  
  192:o3+c+eHiEb8G6gQ1edfEiKAAlcotfVimQizeGP26FkjFjAcod+nJ4DCw6W:oOc+eCQlRkexKAAZtfViEe6FGF2d8iGW
Score

6^/10
- Drops Chrome extension
behavioral4
- Target
  
  CraxsRat v4.5.3.exe
- Size
  
  40.9MB
- MD5
  
  2c3de095ad1ad12d56c4656642c4e541
- SHA1
  
  f8925dc9c68895958961a5c01e989f622f644f0c
- SHA256
  
  85e1519a11df4b2c6d36d64536fb1070cd6cdd01da502056aab2a01b468016c3
- SHA512
  
  5be44b6e3c99847f8507e1ba32f2fa157b6da8cf09f7baf12030bd57f29c5872e2d5934cc64836b2de98242422f4d91b9224071b041f48b539e6f23e6d3ebcac
- SSDEEP
  
  786432:Thyqe9n+N5GsjzKGCGWdo3LuqIXwfWeY6VQoJOjzTheSsXaKAoija5w9Fm:NtOn+uLGCG6qOgfzbUjzTDyadoea5g
Score

1^/10
behavioral5
- Target
  
  CraxsRat.exe.config
- Size
  
  8KB
- MD5
  
  1f653bffff1ae9aa3ac18c03b361d6b3
- SHA1
  
  4f0c0074cee0cfdb21bf6c4f6fb82e91de63e341
- SHA256
  
  80de52cdf5d95620d88560c8f0001b6bcb98e5625329017e2093f63fbf83c643
- SHA512
  
  c652a60eb17ef3b14c07fe11fccee165bc90d1e23acd851efde2d215f9dd61db1d4f84f16d87baff133954a34f10e4e54ef5a37346b601ecec4977807e8a6347
- SSDEEP
  
  96:ur7V7KorTZHyZ90nDP9SbujEBKgFAnuAnznVuupxZAEcHn4abLintYIWVv/xSpQM:ur7V79rqCL
Score

1^/10
behavioral6
- Target
  
  DrakeUI.Framework.dll
- Size
  
  1.6MB
- MD5
  
  0562b4c97f643306df491a938ae636da
- SHA1
  
  0807c37b711374ed4814a9518c9e264517de89a0
- SHA256
  
  70e72477f7fe0018e043ce8fe2228a289459058ee41caecd6f05855898bc5b80
- SHA512
  
  c969cd274b6bf65a34f1d129b6531616a3485a1f153088609ad2369d380fdec37c3e88a423495912715a26e353dd5498f7f9e73c895e9f3f18fc7d1e65d2ecaf
- SSDEEP
  
  24576:nYyUyUxws47SDJ+wfa3ZsacYwzhmT5LOMobxqFFnM9Pv1w+Fus:nYyUyUueD001YwzhmVSMoNqFF
Score

1^/10
behavioral7
- Target
  
  GeoIPCitys.dll
- Size
  
  191KB
- MD5
  
  c070f2421851420e832e4f5989a775a2
- SHA1
  
  d6af3c48ffbe0fa1e0e54860836d3bbf374b8b46
- SHA256
  
  d54fd6c5903eea49a75d620d4ba232f8effb1863f5f9c974e4ac0a8fb1904131
- SHA512
  
  75c3edeb4c16d8e82eedc5595b9c3fde4cbd4a3e9deae1967ad513474920a48e4e9275fdc76f44032b1be570a4ece1a6393c4680af8989f67bcdec039d06798e
- SSDEEP
  
  3072:87IcHKc0TwY4O6BlLiJxTmd9h1+fJ5uJnjpUoh/ht21hYvpMaoySJHPc8E:8dHV0Tn4pox6d9G4k
Score

1^/10
behavioral8
- Target
  
  LiveCharts.MAPS.dll
- Size
  
  53KB
- MD5
  
  dfee15e4c6efa37e6645d8b47c8581e0
- SHA1
  
  876140e0855fcd15bfb590431fb7b280d1db4a21
- SHA256
  
  5b8a9a04f454a2c4da5989fa454a0138d3e5c40712816600f90111b7bf045c40
- SHA512
  
  4d0e7b0a5642b649c04e54d89e707ec00e79a0fa282eac19b6097b819652045c3e157763b5b2922a4c2252b0877059ef90eb60038280dbfbef9502f421d739df
- SSDEEP
  
  768:r4gOx89xKERw2U11HI+bZO603JLw8MOrNNLSW5/5xTcb2y1ehVHp:rPKB22HIwwFNuC5N6n+VHp
Score

1^/10
behavioral9
- Target
  
  LiveCharts.WinForms.dll
- Size
  
  19KB
- MD5
  
  76c775d09b24798f6923452e920979b5
- SHA1
  
  3fe2c79512a0d1153fb07f6640b27106c90d333e
- SHA256
  
  a5b61c1726304e6b72e09a0f35ddbf52f89a75a4e28e6ed098c8d1df6081b4ad
- SHA512
  
  eacc093f8ac9401f617df7e07fd68a8a0f1f03aa150283de67ad8c338fcb1520b0f07335547cf533a646ff95f239c92b029f952a706e736bcd9508817c9be0f9
- SSDEEP
  
  384:F5gNA4m0NkdPbJfGZLifwdNqF8vLvTjzHEhZFUPOxFBVGquJpQ76RqMm:F5gNnrNklJfGZLiAw27jrEhZFyYMm
Score

1^/10
behavioral10
- Target
  
  LiveCharts.Wpf.dll
- Size
  
  212KB
- MD5
  
  e924f79f0b5f3e79c98477d75831813d
- SHA1
  
  64f71e20e1953b13c771d8a8e63549ad6d64216e
- SHA256
  
  1bdbb1b5c1a50653e5c26161e9b7c03edc518721a6e10ea180a84049d967106b
- SHA512
  
  063e9bdbdaf0accb46cef5fdb98b30a97b8a6ba097a80d43a9799ff73e820d1c56d41ca9f71d94497736e3def7fbd0109db4000ab1d9e46cdc96357bf3e15fd1
- SSDEEP
  
  6144:d/vd0eaDQcUc0GkiTV3bkACA3AloBtefVt+aA2xgKPo1zlW1w:vaErjGkiTV3bkACA3AloBtefVt+aAGBF
Score

1^/10
behavioral11
- Target
  
  LiveCharts.dll
- Size
  
  148KB
- MD5
  
  9642899636959b7fc89bf34a8b998a90
- SHA1
  
  479a0254d1c9e5565c7d861bb77f54b7eae50c96
- SHA256
  
  9fcf89837b60f69c1c501e4cfa4d2860887afd0b8f325803367e795a4e3bc9ca
- SHA512
  
  435dccb57ff3e9d0663770768c866838b19fbaa5b8e79de0ca111d9c73276f016e016d1d268f72cf3435ecac122039764fada952e1a4f68f368b492bb866c9a2
- SSDEEP
  
  3072:saegvMNVoz3Vlw6/R3z3MV1IdJJGVKWHC2KdxFFT9lzo:VFJlwYMVWY65z
Score

1^/10
behavioral12
- Target
  
  LiveChartsCountries.dll
- Size
  
  59KB
- MD5
  
  740659d4411bcf877f27217a2710b874
- SHA1
  
  9df5c0d033e49026995e846fe27e1ab4955d43b1
- SHA256
  
  f6e951697226a85e8ad11578a20a0de8c1923afbc69dfce3f0e10ea823d54c1a
- SHA512
  
  96d810233dc40915d06c9adf6f49a62be8321a0ea6ace3c139922272dcf543e48b041b341694c126727e37e7a4ca1bd4ba7395ca18d998f629e87aa409c36b37
- SSDEEP
  
  1536:E3VBdmmdVR/GF3VZC/owI8bbS56VX1xPzSoE3xy:EFDht/GF3VZC/xdu6VlxPzhIxy
Score

3^/10
behavioral13
- Target
  
  LiveChartsRegion.dll
- Size
  
  59KB
- MD5
  
  0d4672955cddebc60cdc5cb0510294d8
- SHA1
  
  8cad08e2fb925656bf7f70f954874f661d2fe32e
- SHA256
  
  e0553e5afac83e74fee2d5a69d25ecba12da126fba9e00b8757f769dbdcdb0cc
- SHA512
  
  45741d5468e745ed2bbe8b0583243d7a2b5e6a0cafeb23dd6c19831700c93db546ab18ec8c46f58df29ddf805352cd72bc7bc3837759cafe8304ad431b723db7
- SSDEEP
  
  1536:TJeUvbSllXaYYeODO3ujE49i+tgX1xPzq3ePM1c6O:rzilXzYeOC+/9HglxPzfPD6O
Score

3^/10
behavioral14
- Target
  
  MetroSet UI.dll
- Size
  
  444KB
- MD5
  
  d99a97de55b2561e57135433b44bb786
- SHA1
  
  ab588b8d36683b52adcb32c03a9859b884838f29
- SHA256
  
  6288e559b0f34d56ab4601ffb2ba2289001c77cf7351d135dd93915034c56bba
- SHA512
  
  7ef95cb161265fcf110ba843fe3af5e6cf6d47465e17a10c742256bebd91c128df2cfa7d21696d716bfa861c952d6fad445912f8cca9da9cb03d780211b0545c
- SSDEEP
  
  6144:PTJ1DwrSfCmrB0O1SIai39IkRetlJT4ihPrsAgbP2UiuE2Bnw7M:rJSpmaxIephPrYDK
Score

1^/10
behavioral15
- Target
  
  NAudio.dll
- Size
  
  498KB
- MD5
  
  6ca17abccae3050f391401b2955f9333
- SHA1
  
  0975b039a793accb58130d6639262cd291d80d5d
- SHA256
  
  3ad5d09b4c8c3146d15955a564a9f1a57d7c795b189a25c6f722a738d95ef89c
- SHA512
  
  c08f366aae9baf0e7762f47a2f79d0dee5187a1d7631e5838590b7c12911bdeb6247e0ff860ade36e04f1d6717f919ad98df6d3a1a556bff4b8994db9616ccec
- SSDEEP
  
  12288:MnXnae2TPlr3zvzar5oRDaw92wP6mai9gs6C:K8lrT+r5ADakP4i9gs
Score

1^/10
behavioral16
- Target
  
  System.IO.Compression.ZipFile.dll
- Size
  
  24KB
- MD5
  
  dcda916372128f13ada8b07026c1b3e7
- SHA1
  
  99d6c187de8510206a93d2eed9c65e65e0c86e72
- SHA256
  
  b5c12e9099643e2eda9b49edd0d98bdaed153c72a7e8e6235d8e78714402d16a
- SHA512
  
  d66de5d61cf7090ce2e11ca8064723a44c2fdbd7ed937f1cf4198ebe13083037941b816ad9022d332bbb853666785600fa8b1faca94c498d2f82de73fe1e42f9
- SSDEEP
  
  384:dK8Y54xRiW3mWeW+mWE3rq0GftpBj52ERHRN7dldBopPI:dKfemqiuEBHoa
Score

1^/10
behavioral17
- Target
  
  System.IO.Compression.dll
- Size
  
  55KB
- MD5
  
  dc852942e3fda3284b7a213a4a0c61a9
- SHA1
  
  4b042f43eb249309a398390757f671cffd26056e
- SHA256
  
  7512939c42ca6eca7afab25ae5c5891d046bcb2c689c73d7aebf634618afa824
- SHA512
  
  ec8e5b659f18592d4c9dc81e899309d2883b9d67f139d625b1f8fbd563465603279ce1e0fcde05b1712372503f3dbbe4d6a05165260a349925db5f2b7035fe79
- SSDEEP
  
  768:V4gOx89iNkRw2B11HI+bAeg603JLw8Mi9wt8AQfaKKP2kYlevy1eh0B/z:VQNh2BHIwqFlCKYYIU+0B/z
Score

1^/10
behavioral18
- Target
  
  Vip.Notification.dll
- Size
  
  17KB
- MD5
  
  a292d382f369373d6a925fe5907c69c9
- SHA1
  
  7336065527d93566f79121c478545ae86ba8bb2e
- SHA256
  
  ec7dc8e7890b3881e0a6f8616c7363d4fb43b9c5af2c090b08bbe0275031a6d7
- SHA512
  
  9f45240686f506b11dbce466dd8b843683e09ff3896bc6563a6580d531898f60523614295c62556a5e058af5af18c3e98e80b3f0642f49f07dd2dc44a181dfdc
- SSDEEP
  
  384:EDkSAZXF8SniyHUX4ICx3Fs9SqVW4z5QdfVASCFCDOtfgTuokwuwAqu05yokwOwG:ED8fR4tQsNFLfgvuPIOjk7ch
Score

1^/10
behavioral19
- Target
  
  WinMM.Net.dll
- Size
  
  43KB
- MD5
  
  d4b80052c7b4093e10ce1f40ce74f707
- SHA1
  
  2494a38f1c0d3a0aa9b31cf0650337cacc655697
- SHA256
  
  59e2ac1b79840274bdfcef412a10058654e42f4285d732d1487e65e60ffbfb46
- SHA512
  
  3813b81f741ae3adb07ae370e817597ed2803680841ccc7549babb727910c7bff4f8450670d0ca19a0d09e06f133a1aaefecf5b5620e1b0bdb6bcd409982c450
- SSDEEP
  
  768:LyasDzF2TDSemqD9tGI+ffwj2Au0LVpqmf7KxcOOrYCPTxqPb85:LyaXKemqD9tGI+ffwj2Au0LVpq4KWrlv
Score

1^/10
behavioral20
- Target
  
  avcodec-57.dll
- Size
  
  26.4MB
- MD5
  
  f203d1a907e2fcb253347e86369c10f4
- SHA1
  
  3fd4ad54af5413b9305b741d736dfe3ad6d177f9
- SHA256
  
  d9c3b37b31ae292465fb62e13acee284d64396f883f6dff9a3d50f1acd3e55fc
- SHA512
  
  60ac5932172394b62c496fa8ee7ddcda71fe003248c77c0bfcb99424dc76d373082b5124e7ec99edb7bdbfa8277688d27fe6d543a9f0de5a060fb4df6b167120
- SSDEEP
  
  196608:imQoJcYPNCZ3AEtLa0z6c+/ix0FuIbOW9uGYcd7cpPDK1VLIjHP:Z303HBD+/tFuIbHYcd7cp2HU
Score

3^/10
behavioral21
- Target
  
  avdevice-57.dll
- Size
  
  2.1MB
- MD5
  
  a6471801148994f5defcf227ae884574
- SHA1
  
  c63b4895fc009483336d21c8e6a2f4d1b9b97d56
- SHA256
  
  9e22e1e3d3af2eb643f4a86d7e3f443494d6a7f3d6d85025f35e6b70f9ea6a1b
- SHA512
  
  9d3c4b873521d273e2d83a3783166f0920ea4615d8be07c2cb1663a047be8416583fbe85a165d502cff86e9a58712c6fc1aff529de973d41ad1bf03357b33cf0
- SSDEEP
  
  24576:SolvE4h4G/Sc7/bOv/yssEbuAImCf6BtPXeY3T4bJABO3:VvE4P/Sc5EbuAImCf6BtPOY3pO
Score

3^/10
behavioral22
- Target
  
  avfilter-6.dll
- Size
  
  4.3MB
- MD5
  
  5f6810329273eecf002847c4aac46464
- SHA1
  
  8de45891bafb749b3208a2e2fb9a4464e725ba44
- SHA256
  
  248502334d64ca372f9602041c843ea18cef974b1c2000b21e21ea8fd2c59fab
- SHA512
  
  ce16d3f74dac2f1baa78877f7a55712ed8538d4454ad46583ce7c1fa64a7c07a27ec34cbc4780cf6c85b50bc933995ac3588b4507501a9666dc64a42fb604baa
- SSDEEP
  
  98304:FX5oEb+rU19cbnjjYmG/wIMWOxMM7eOYmtZwiD:FzHajwoIMWOxT7eObZwi
Score

1^/10
behavioral23
- Target
  
  avformat-57.dll
- Size
  
  5.1MB
- MD5
  
  b0a7456b424f5ad90a2d0348169cc152
- SHA1
  
  b0322c1beddbb4840dfac7fcffe689d113f1fc6f
- SHA256
  
  009d7385b91c80d1d25d4824fed1ab6d30d933882fe4dafcccbd39957b1256ff
- SHA512
  
  009b00c43aa41b5fb88b344a4f357b3c4678219a0c8a5ee60b39c3de46768e19a1cf9473703fb820424b241cf4a7c7de49e491ddda1276a4b17e8d0ef9b2bada
- SSDEEP
  
  98304:jJy7R0dmH/dwj2yor3TYEmDmMsKHw+N6P:w97YbHHwa
Score

3^/10
behavioral24
- Target
  
  avutil-55.dll
- Size
  
  643KB
- MD5
  
  708905d347d1a8a7a3c4f23169a0caba
- SHA1
  
  da265d6e65570c94939673d0cd0eb66753c55e25
- SHA256
  
  fec199c1890759b8129195928e61f3a2f45f499a42610c207747b26e47b3caa8
- SHA512
  
  b99141c1bb1707bcdd49ad167ad0f9a004d283c439f06c82d06b4cfbcfd41a6595c6896b14a22a4670ac70e2db1dbbb6f5e0081e92a370818b96d95770effd55
- SSDEEP
  
  12288:3V15MRQeWTPw/yljXmoRzur2SqdyZYSRN2f3H5iKK:b5Mme46ylS1r2SqdyZYGV
Score

3^/10
behavioral25
- Target
  
  postproc-54.dll
- Size
  
  116KB
- MD5
  
  37b3886856e1597c6430d5ecd56a0f39
- SHA1
  
  fe37b096a0280df4bf49dd998b15e6f96b98cb38
- SHA256
  
  8b77a0826122f81e8d211813827b0a379e0fa364a050fc334725a8c6a486d8fc
- SHA512
  
  f0a6c9259edc5b945786b9157aada5d5ee9a4d9683e208c91455b5edb9675a63cdb7c88f4dfa47f440e825d3887c12b85f247971915acb36764d0acfa2bd3c81
- SSDEEP
  
  3072:dvDraa6a666xnDwkHeIYk4WvwQWFReFDBNf:5Draa6a666xnDwk+Ib4Uw9cBN
Score

1^/10
behavioral26
- Target
  
  swresample-2.dll
- Size
  
  335KB
- MD5
  
  5b9c2c81d76caa36b516a78c559c54e4
- SHA1
  
  f08c32b385910708f1dbaba176089f8efbe270b8
- SHA256
  
  8565ea05af69242494a5773a678ddd8f1c485885ce5ec633f78b475ed77724ee
- SHA512
  
  3dca256a59ccd7fc1580da024f4565c246355e835d2216382512e4ccb3574fa2cd515122e035b6dba41288d127f41f1869eaed13183fa6c01b08203b195f0fd2
- SSDEEP
  
  6144:5miUSpfUlnBc/IXNwIQd57Txfvx0K/H+Kgw:5miUSSlcIXNwBe
Score

1^/10
behavioral27
- Target
  
  swscale-4.dll
- Size
  
  518KB
- MD5
  
  1bc9902c87f695a9e390ab9c7fa898a8
- SHA1
  
  566bcd622393931f90c523dbdb80d59bea83d465
- SHA256
  
  6ff7853012f82f4bbf9cd83d0e26a33a218b33e61d2fe37a8cea278897e3b062
- SHA512
  
  18c65a0cbc12abe845375bdb67e55e31157db0263a899fc2bb9291e49cedae3dfd0093c546f025ab09b5abd6dd4e98884c4a2294df045e2e19921a3c8ca89010
- SSDEEP
  
  6144:z2Zothyuf2wC7GhYPNB8zZt9U+u1kPgzQkkkGaaywwxde+:koXyuf2wC7GhYPNam+YkPgzlxA+
Score

3^/10
behavioral28

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops Chrome extension

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28