Overview

overview

10

Static

static

10

0x00050000...70.exe

windows7-x64

10

0x00050000...70.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    145s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21-12-2023 16:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0x0005000000019593-470.exe

  • Size

    16.9MB

  • MD5

    b4008dc1b878578905f1a01d2938c8ea

  • SHA1

    2f7fd3f24c7ff9aaab6a22a15cb5951adc80958b

  • SHA256

    503d4b9bd0a158dbfd9179ac51341404f32f9fc1765d375f4c92eb7d0ed8ba18

  • SHA512

    c91b11b702baaf4e45e4dc6271070e1f68259bc0f33e189f78fe5bd4ab0cae45ba44aa92393abadbb4cee23bfa60abee23aaf5d9edd574aa5d7a0bc9db1c322d

  • SSDEEP

    768:RaijTpc2IV5M2/Ph8nLZ7FtOMakbW8FqZRQT8O:YijTpcp5M2RqLZ72YxY7F

Score
10/10
crimsonratrat

Malware Config

Extracted

Family

crimsonrat

C2

167.160.166.1

Signatures

  • CrimsonRat

    Crimson RAT is a malware linked to a Pakistani-linked threat actor.

    ratcrimsonrat

Processes

  • C:\Users\Admin\AppData\Local\Temp\0x0005000000019593-470.exe
    "C:\Users\Admin\AppData\Local\Temp\0x0005000000019593-470.exe"
    1⤵
      PID:4976

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4976-1-0x0000026F19430000-0x0000026F1A520000-memory.dmp

      Filesize

      16.9MB

      Download

    • memory/4976-0-0x00007FFB79590000-0x00007FFB7A051000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/4976-2-0x0000026F1A930000-0x0000026F1A940000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4976-3-0x00007FFB79590000-0x00007FFB7A051000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/4976-4-0x0000026F1A930000-0x0000026F1A940000-memory.dmp

      Filesize

      64KB

      Download