Overview

overview

10

Static

static

1

netflix_ch...s.xlam

windows7-x64

10

netflix_ch...s.xlam

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    netflix_christmas_offer_for_old_users.xlam

  • Size

    5.1MB

  • Sample

    231221-tnkgysbagr

  • MD5

    9f066a62e22b98b0fad7fedfdee68b52

  • SHA1

    e82bda281cd56e2515f3b351f8cb7d074986ed13

  • SHA256

    2b7c1c57725451109a1a9217aa02507a0f37e67b46f91d5d153bbb1d0e4122b4

  • SHA512

    53f1e9944ee3ee547900efca6b6a23e735d82b63c9e753c3b81de53a1bf113e81733ba79976f9a469c698dc79b88d34faec6dbc23561878c18242389685b0f4f

  • SSDEEP

    98304:jV4oyAgZvd4DsMtu/oYUT5FWSQERe4QBUfX9I5CvKc4lROdy60zQ:RPiKDu/7QZQ2HQUfX6gN4lROdZ0zQ

Score
10/10
crimsonratrat

Malware Config

Extracted

Family

crimsonrat

C2

167.160.166.1

Targets

    • Target

      netflix_christmas_offer_for_old_users.xlam

    • Size

      5.1MB

    • MD5

      9f066a62e22b98b0fad7fedfdee68b52

    • SHA1

      e82bda281cd56e2515f3b351f8cb7d074986ed13

    • SHA256

      2b7c1c57725451109a1a9217aa02507a0f37e67b46f91d5d153bbb1d0e4122b4

    • SHA512

      53f1e9944ee3ee547900efca6b6a23e735d82b63c9e753c3b81de53a1bf113e81733ba79976f9a469c698dc79b88d34faec6dbc23561878c18242389685b0f4f

    • SSDEEP

      98304:jV4oyAgZvd4DsMtu/oYUT5FWSQERe4QBUfX9I5CvKc4lROdy60zQ:RPiKDu/7QZQ2HQUfX6gN4lROdZ0zQ

    Score
    10/10
    crimsonratrat

    • CrimsonRat

      Crimson RAT is a malware linked to a Pakistani-linked threat actor.

      ratcrimsonrat

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks