crimsonrat | 503d4b9bd0a158dbfd9179ac51341404f32f9fc1765d375f4c92eb7d0ed8ba18 | Triage

Sharing

General

Target

SecuriteInfo.com.BackDoor.CrimsonNET.14.26407.16542.exe
Size

16.9MB
Sample

231222-h54flsbhdn
MD5

b4008dc1b878578905f1a01d2938c8ea
SHA1

2f7fd3f24c7ff9aaab6a22a15cb5951adc80958b
SHA256

503d4b9bd0a158dbfd9179ac51341404f32f9fc1765d375f4c92eb7d0ed8ba18
SHA512

c91b11b702baaf4e45e4dc6271070e1f68259bc0f33e189f78fe5bd4ab0cae45ba44aa92393abadbb4cee23bfa60abee23aaf5d9edd574aa5d7a0bc9db1c322d
SSDEEP

768:RaijTpc2IV5M2/Ph8nLZ7FtOMakbW8FqZRQT8O:YijTpcp5M2RqLZ72YxY7F

Score

10^/10

crimsonrat rat

Malware Config

Extracted

Family

crimsonrat

C2

167.160.166.1

Targets

- Target
  
  SecuriteInfo.com.BackDoor.CrimsonNET.14.26407.16542.exe
- Size
  
  16.9MB
- MD5
  
  b4008dc1b878578905f1a01d2938c8ea
- SHA1
  
  2f7fd3f24c7ff9aaab6a22a15cb5951adc80958b
- SHA256
  
  503d4b9bd0a158dbfd9179ac51341404f32f9fc1765d375f4c92eb7d0ed8ba18
- SHA512
  
  c91b11b702baaf4e45e4dc6271070e1f68259bc0f33e189f78fe5bd4ab0cae45ba44aa92393abadbb4cee23bfa60abee23aaf5d9edd574aa5d7a0bc9db1c322d
- SSDEEP
  
  768:RaijTpc2IV5M2/Ph8nLZ7FtOMakbW8FqZRQT8O:YijTpcp5M2RqLZ72YxY7F
Score

10^/10

crimsonrat rat
- CrimsonRat
  Crimson RAT is a malware linked to a Pakistani-linked threat actor.
  rat crimsonrat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2