Analysis

  • max time kernel
    59s
  • max time network
    73s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    13/07/2023, 11:05

General

  • Target

    craxs3/CraxsRat.exe

  • Size

    63.6MB

  • MD5

    3374dd41d1b12b9e3cfe6d65a4802466

  • SHA1

    7a1de03e5af8f35a4e7c90f832ad00184c61422b

  • SHA256

    f798b899a3ba1b59c6bae28c0e70894486dc5240f13dea0952c952ed914fefc6

  • SHA512

    20ef139438dae1c54f594e4f3acfe5fcd6699d847e690a685fb5f9659c800374f5d40ad81ffd9e384ecfa6f33f72175fc6d83c7cda7526c251104defd89615cd

  • SSDEEP

    786432:u+fseiTkTG54G+uxAzK1HoA5AKF7zR/t6tKF+iS6hKo2:3fwTkTG54Gjx5AMzttZmOI

Score
1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\craxs3\CraxsRat.exe
    "C:\Users\Admin\AppData\Local\Temp\craxs3\CraxsRat.exe"
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:3596

Network

        MITRE ATT&CK Matrix

        Downloads
