Analysis

  • max time kernel
    122s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-04-2024 16:37

General

  • Target

    CraxsRat 7.4 Cracked By @Hidden_Blaze/CraxsRat.exe

  • Size

    64.9MB

  • MD5

    78db82f471c2105845e11c547c5da4a6

  • SHA1

    b4717f5105addecc83450c5c8f9888cfa1348b8c

  • SHA256

    31a17dc7efc257d50ccf1b060e1edf7152abf3dd998f178f084bc8b91a15f714

  • SHA512

    233abf3c2a56cc48bb339465878d7f9feec6db38932a32062b28868a5d0b30a34852ad20a4ec2e2c0796f452959024ca8f003163575bba8b781ab1e2d500f15a

  • SSDEEP

    786432:0k+NX10EPRCGZeZLHoA5AKF7zR/t6tKF+iSFgAxTKo2:H+NX10q8GZeZBAMzttZmFXtI

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CraxsRat 7.4 Cracked By @Hidden_Blaze\CraxsRat.exe
    "C:\Users\Admin\AppData\Local\Temp\CraxsRat 7.4 Cracked By @Hidden_Blaze\CraxsRat.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3020
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch&plcid=0x409&o1=.NETFramework,Version=v4.8&processName=CraxsRat.exe&platform=0009&osver=5&isServer=0&shimver=4.0.30319.0
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2864
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2864 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2644

Network

MITRE ATT&CK Enterprise v15


Downloads
