Analysis

  • max time kernel
    140s
  • max time network
    162s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-04-2024 16:37

General

  • Target

    CraxsRat 7.4 Cracked By @Hidden_Blaze/ChangeLog.html

  • Size

    41KB

  • MD5

    2037a83c06d4840b72dc8d6c243a3b02

  • SHA1

    8fa8d97a2fb6cb561bb29ec365076726b4174814

  • SHA256

    c922d1a2550232f01d151571e30827528f939c962db52bd6feb3aa51290e28ab

  • SHA512

    1d3b91ab3988935e7716bb0dd3f550e593748a25720ff4c9a39c8ebd980ac77c94559dcf9685bbfc9e61ddde2e2401367905140dd92cf100cd4ce06182b011dc

  • SSDEEP

    768:aXBgQlr/JTwbXwnTHWKPXpxrTpTDqR2I6YxZbAuM5RkWkFT9RurXuGPoH9oa0zz8:aeQZNwjwTnpxPpTGR2+Zbgf8wLgWzAzl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\CraxsRat 7.4 Cracked By @Hidden_Blaze\ChangeLog.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2732
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2732 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2508

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    da7922260f5fc847bf30afbe13577b4f

    SHA1

    099f1b5de868f89d655952deabfccc8bdc38583d

    SHA256

    483d4f87887dc7d47f9d35d7ef9860975f88cf7183cc866b6a92d9f8fc8e43c3

    SHA512

    82f35feb72c97c43ff455c9f8d294417852879c60fb6293c8fb91d3ba7ab49916b3ffab4c5c627d999e9b5fb78f08452b2ab4a25055745ac80829d9bb213b5cf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    d834b4d5cc482d4b04bc6c1694be8f5f

    SHA1

    abd138af55fee98cbfdb38793c336d59db4159ac

    SHA256

    83b8f63f41948e89fd002b71339b1948a73899320057a05e9feb06ee6a9f81a3

    SHA512

    0f4e115807149cf5cd66558ea7924c04d86fa25c0daa9abcf900957ede13ab801686e98f9f764ef36e335f7405f3a4ffd571e8f7d2479a6c1ce5dcfcbc4ca084

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    2bfe3c495005f5fc62ebd2dd39318d52

    SHA1

    8b1be5b748b1c14fb09255a42d54df85c0ca6bbc

    SHA256

    ba73d6de3678c7022b456d2b38171a2da9ef1bdb36f68661ec28d9701674080f

    SHA512

    7fc3b03b3e067bc8767cb4014a57dab54a1f4fbd4e5580531698f673047703080a920996a359c012432d0e19da37c1716f82e04785c5a816f28e297a547cca14

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    3c5138054bf7ecd87eea448fa5a61450

    SHA1

    dca44a1968c7f5aa853e8c6d0ece799a7ac12f80

    SHA256

    5aadf3310c0090df2c03038360a199f17658cbaefb82d469715cb8fc1bc30c89

    SHA512

    6e6df456794c321cc8c4e49fc589f4f2bb19d97e4403b47cdfadf14042bb4f5a7c2cdf7403666f56980ef1d06653f1ae0378df2535d1cc31735baf8f0ea17004

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9281450e50bcc6702f3125037ddb0c23

    SHA1

    7da6488958afbe230fab4ffcdbef0e8dd21a8389

    SHA256

    9e7c6d8080c0ed97620f82ca62b0541eb475bd63765164d5730a4d831375882d

    SHA512

    4bc058b38138ab364abeb3f2a8f5d4c6df8e8455326d3775a891cd2a0b29037d684a66133c355a0ee51f3cd2648a28f4f1dca0c04a9e0ea34bf92d8aff75bed2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    8b9c91588e0354f993526b9c29b7f006

    SHA1

    4932502af1784e251bf3abd8c93a466a77c507c0

    SHA256

    75032844fa6be02c97df2279c98a6904dc26baafd92a2f7969182794f06858c8

    SHA512

    04bd8b1a902cc46fd3fc2b6f6692f588e5447c434795bf2224a287d84bcba63701febe01ddf53aa3c3672cafa304b35a4f192cc9cc033f2ca5f1020823716357

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    ab0614830f271effc8c0e43621b90d15

    SHA1

    ac536e85207a580e05fcee036b905f681aa03f6b

    SHA256

    ddccb1d0a1fcd297f2f4efed23c65a5a608ac356ae2268033a17d9f8e40a9403

    SHA512

    bd93502ff7c924c603fc6691fb3a98b65fef689952b6c1c82e0f4a0817d72cad13ee4eed2a13fae8b34325cd43b4de96d8d3a55cba515949913e27fc65e66e35

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    1a886dd005b9b6992b4c95df9a494f31

    SHA1

    e958d23a5843e994532d697749c141fdeb179360

    SHA256

    fdd87d4a1eec8c1984d133d93a278f9f71ceb4e0bc784446968b013c0f04307d

    SHA512

    c08a1b5de5920fc7b4d407b3a62b48dd5868e0b4f09f1f2130d4ecbca37f9de468ebbb95f63f8d07513c20fc7e35b03044745e363096e370fb19143b772ccbdc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    23fdf092d148304949929c9e1ffa3a6e

    SHA1

    4887258c2c46d22d5b700383b1ed2031ef6c1be2

    SHA256

    7658170f2092a0b8b7a2e349eeb13790f206f9c22c2fdf28e7349530664d646c

    SHA512

    46b9f931bc5771a1747dc91aa8908e63d15934b18efb33cb3b5283a31c7cfb364e149ad47055586facbc0a581a9e75aa3ec045dc928dbe1bcc5c6408392d5627

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    6702dca99e3d79f446de36d8e932c90c

    SHA1

    086e6cf6a26fe13322980432350d788bb6797da5

    SHA256

    3d16793f52d22661fd936561317638f89e14dd7722edbf3546bb5ba0078b4ccd

    SHA512

    7ff78472d5df7eefaa68f1bf3dfc8d81e24130037ddaef0aabe2d1f7bfd2cf77a191fe168308f194abc9c23b7c2bfcd774bb05d34e6cad83f503be28f201ad43

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    dbbba99bfa6b7c7149ea50b3e898a656

    SHA1

    2a813f2244da4d36fadf591d50b431d02eb8961a

    SHA256

    45b437f7fed111f9b3e1e760f5a487a7be39b82d183d516748ac697bd771cf6f

    SHA512

    8c073a4fc0e7fa3106b850a67a6b3226a5aac96643f6a8dcac9d5e355427c16cc77002207bd850bffeb8a389fb0017d679d88a68fece53d0d9639d4049362596

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    9bab060df681180326bc04f44e6db50a

    SHA1

    bb62a5d71592d6a8a7638daef050ce549ab0fc3c

    SHA256

    b7fbccdaadbd58d7d37fe0dda60b3d435fe3190c98b092d5d5c59831006b63b3

    SHA512

    9d289c2ad97a14f7a5251adf41a876a0271ea17f2a15d1c1838ca823eb344041993e882da10d443a42a769723f58f45588a9bf9a54ac0440f00e16119079440d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    33cd06dd70384f68dd63ab4cf1b6c1bf

    SHA1

    3d89e3cdeab8901614a9db211fa253ff0f7d3c78

    SHA256

    15d5942dd07c8b42419249f0d2e2f4a74758f55721115c2f8cd8cc50ef34c18f

    SHA512

    f74c189a3c333679aef12ddc4275754a4ba072230ba553dc4526c8efc4c7a46084eecd1c81c96cce6d86fb187ca95abd4812800e72857c00a4dcc75bb55e8329

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    28eb0bdf111cce1d446e499eb2bbef86

    SHA1

    485cfc55fca71096026e42ce7af2eb8482058860

    SHA256

    d097fdc8663d36c135f78e9e78d0570180fe390a17c1b73342aa4970a65dd238

    SHA512

    a5d4ebc0e58ec7d63ae37134c1a8f7f1131f653510b07b9f6b6913a8071e807d1a640fb131fc60695894c1c5d5e1fc19484c936e173a20bfce5180b586487179

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    870a8be9867d6a22cfced4e5be03ae3b

    SHA1

    bc0645d5db4a3bf9a12a779c9eb671252dabb276

    SHA256

    621e1050c6f7ea541f2cbcf6e892f699a2407ba3abb2ee1b249669258fa09ec8

    SHA512

    7f8a99804038edebeab1143edf8034ef183f177d0c81af0f83f48cd16d49df4ea55a0c116fc1a27020cb3520793b0ec899c6def40a1776585eec0241d4404e24

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5b6966e53898005f1f313cf4eb844645

    SHA1

    b6b0eaec5abcb2891669c9abc9ff5715bfe82c05

    SHA256

    157ae68fdda01c846b100f101e7a323353a13521bb49cc95293371cd8745fd6a

    SHA512

    c5bb18e826f8bc9a21300fc69f840cdefb4f5b15fdea477a1f24601bf158123a847e7a3cbfa2e299aa0256cb92f72f7e9a63b85e59a76b73c94359fdf34143f1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    4f2a6c4953b9551b8a559f222f35d455

    SHA1

    a434e18266ce88977ec5fdcf01e65a16a7ee646e

    SHA256

    5643d9f25bff85039e1b7868d5ed8ad509d2473127739a858148f057ab92bfb9

    SHA512

    538dd9798557408fb1b84bd291a1aed75bb486b667bca56c53856c56269ac3afca1f8c7d18a52dc25598bfb25ff06cd274dfc40e8c5e860361c4bb3f2202ec0d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    420307794c397ef67a7ea0e1b24c92e2

    SHA1

    5d22420c2cca8215d741be836820028cdaa43ad3

    SHA256

    c46896a9eeb3b646ada7e24c9dbb53711c0b303242ea890dd47a6c0f34709a04

    SHA512

    85bca94fd9389564001ee2523b90c193cbc26ccbd1c1f801ef0a85f1df27ebc6656753dcd6d1addd1ccfd80e736058fec3d681b8de92ca003035957e36138b7c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    5e4d4f4ca871bb5abf5dd46a093103d9

    SHA1

    43d43a2e1a65235efe0ffb24ad7b935521cfb107

    SHA256

    54a6cd30c8dc24a31387208b8916f0cac7273e900b78d9fe3049280361fdacb1

    SHA512

    9850788d05b19a88cd3a0c4511b6341d9f4fd62621b2e8db1ba4fbc56514e77ee150d02508875b4c9039e8b575b83ce1855bc372801bc6c62d9da212633f2110

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

    MD5

    707653787b0bba176f1986a3bee09464

    SHA1

    206178c08495f5f6a2ae8b6fbb45a5ee819ea915

    SHA256

    93d7f5d693e39d2bfdce2f6d3e808da05b018992e37a7ba57886fd2783f5a600

    SHA512

    6688a49ba66bf543352727aae2d6d9d20ae0122554e613c5a109f2e684dbe90c06e6e8ce5d1bda411b38dfe252744f504d1bf896abb3d8cf782a99b2d254c8aa

  • C:\Users\Admin\AppData\Local\Temp\Cab6B8.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar7B8.tmp

    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a