General

  • Target

    Recommendation for the award of President's.docm

  • Size

    15.9MB

  • Sample

    240202-ygys8agccp

  • MD5

    a21c2b37effe3195665ec5597afa329f

  • SHA1

    d764529d82a015204d9ab3fe414c0da5b9829d9a

  • SHA256

    c59b2d6a70bc5b84998aebb2d21241a8adef33724838e92db4dee36a1ce46f43

  • SHA512

    ed6be97c243c677649c395a0a4016bae40719493425265b0541a9d0fdae395e8c0325104003b582925c5a4fabf6b1050d8dc72d7cabfe1d6e00c0f9e03c96978

  • SSDEEP

    393216:Xrh68BRtZSZlpwMkbt6xFczuZQ5x2hYUiF9:Xrw+aKMkMozuOD209

Score
10/10

Malware Config

Extracted

Family

crimsonrat

C2

164.68.122.64

Targets

    • Target

      Recommendation for the award of President's.docm

    Score
    10/10
    • CrimsonRat

      Crimson RAT is malware associated with a Pakistani-linked threat actor.

    • Executes dropped EXE

    • Loads dropped DLL
