Overview

overview

10

Static

static

10

SecuriteIn...42.exe

windows7-x64

10

SecuriteIn...42.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.BackDoor.CrimsonNET.14.26407.16542.exe

  • Size

    16.9MB

  • MD5

    b4008dc1b878578905f1a01d2938c8ea

  • SHA1

    2f7fd3f24c7ff9aaab6a22a15cb5951adc80958b

  • SHA256

    503d4b9bd0a158dbfd9179ac51341404f32f9fc1765d375f4c92eb7d0ed8ba18

  • SHA512

    c91b11b702baaf4e45e4dc6271070e1f68259bc0f33e189f78fe5bd4ab0cae45ba44aa92393abadbb4cee23bfa60abee23aaf5d9edd574aa5d7a0bc9db1c322d

  • SSDEEP

    768:RaijTpc2IV5M2/Ph8nLZ7FtOMakbW8FqZRQT8O:YijTpcp5M2RqLZ72YxY7F

Score
10/10
crimsonrat

Malware Config

Extracted

Family

crimsonrat

C2

167.160.166.1

Signatures

  • Crimsonrat family
    crimsonrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • SecuriteInfo.com.BackDoor.CrimsonNET.14.26407.16542.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections