Analysis

  • max time kernel
    117s
  • max time network
    162s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-04-2024 12:24

General

  • Target

    CraxsRat 7.4 Cracked By @Hidden_Blaze/ChangeLog.html

  • Size

    41KB

  • MD5

    2037a83c06d4840b72dc8d6c243a3b02

  • SHA1

    8fa8d97a2fb6cb561bb29ec365076726b4174814

  • SHA256

    c922d1a2550232f01d151571e30827528f939c962db52bd6feb3aa51290e28ab

  • SHA512

    1d3b91ab3988935e7716bb0dd3f550e593748a25720ff4c9a39c8ebd980ac77c94559dcf9685bbfc9e61ddde2e2401367905140dd92cf100cd4ce06182b011dc

  • SSDEEP

    768:aXBgQlr/JTwbXwnTHWKPXpxrTpTDqR2I6YxZbAuM5RkWkFT9RurXuGPoH9oa0zz8:aeQZNwjwTnpxPpTGR2+Zbgf8wLgWzAzl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 36 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoCs)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (4 IoCs)

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\CraxsRat 7.4 Cracked By @Hidden_Blaze\ChangeLog.html"
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID: 3040
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3040 CREDAT:275457 /prefetch:2
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID: 2624

Network

MITRE ATT&CK Enterprise v15

Downloads
