crimsonrat | d47528c5574e307dd79fb7c240fcc4d22397671f3eb4a1dc990b64971c588d33 | Triage

Submit
Reports

Overview

overview

Static

static

1

d47528c557...3.docm

windows7-x64

d47528c557...3.docm

windows10-2004-x64

Sharing

General

Target

d47528c5574e307dd79fb7c240fcc4d22397671f3eb4a1dc990b64971c588d33.bin
Size

153KB
Sample

230706-pr879scc2y
MD5

44c494a30f83f92295c8351b86a2507a
SHA1

72b49464d5ff0e6aa85fc94284ffc75a546c8c8c
SHA256

d47528c5574e307dd79fb7c240fcc4d22397671f3eb4a1dc990b64971c588d33
SHA512

7b3f4bff12267827f9da31b6a1002bc272a64de2def2109a997d69d009555bd97410625f773ed92283477e2ca1f42a71af7e3c4e943ced6b509349e868871ccc
SSDEEP

3072:F6sZMeRby4a1enUyvAGJYmjeT7rUsmI1XMjPuyXTV5Q5Cm7FTltM:F1ZMeFyLenUZGChzmI1aRXT8V5lC

Score

10^/10

crimsonrat rat

Static task

static1

Behavioral task

behavioral1

Sample

d47528c5574e307dd79fb7c240fcc4d22397671f3eb4a1dc990b64971c588d33.docm

Resource

win7-20230703-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

d47528c5574e307dd79fb7c240fcc4d22397671f3eb4a1dc990b64971c588d33.docm

Resource

win10v2004-20230703-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

crimsonrat

C2

173.232.44.69

Targets

- Target
  
  d47528c5574e307dd79fb7c240fcc4d22397671f3eb4a1dc990b64971c588d33.bin
- Size
  
  153KB
- MD5
  
  44c494a30f83f92295c8351b86a2507a
- SHA1
  
  72b49464d5ff0e6aa85fc94284ffc75a546c8c8c
- SHA256
  
  d47528c5574e307dd79fb7c240fcc4d22397671f3eb4a1dc990b64971c588d33
- SHA512
  
  7b3f4bff12267827f9da31b6a1002bc272a64de2def2109a997d69d009555bd97410625f773ed92283477e2ca1f42a71af7e3c4e943ced6b509349e868871ccc
- SSDEEP
  
  3072:F6sZMeRby4a1enUyvAGJYmjeT7rUsmI1XMjPuyXTV5Q5Cm7FTltM:F1ZMeFyLenUZGChzmI1aRXT8V5lC
Score

10^/10

crimsonrat rat
- CrimsonRat
  Crimson RAT is a malware linked to a Pakistani-linked threat actor.
  rat crimsonrat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy