Overview

overview

7

Static

static

7

CraxsRat 7.4.zip

windows11-21h2-x64

7

CraxsRat 7...g.html

windows11-21h2-x64

1

CraxsRat 7...rk.dll

windows11-21h2-x64

1

CraxsRat 7...ys.dll

windows11-21h2-x64

1

CraxsRat 7...64.dll

windows11-21h2-x64

1

CraxsRat 7...tm.dll

windows11-21h2-x64

1

CraxsRat 7...PS.dll

windows11-21h2-x64

1

CraxsRat 7...ms.dll

windows11-21h2-x64

1

CraxsRat 7...pf.dll

windows11-21h2-x64

1

CraxsRat 7...ts.dll

windows11-21h2-x64

1

CraxsRat 7...io.dll

windows11-21h2-x64

1

CraxsRat 7...on.dll

windows11-21h2-x64

1

CraxsRat 7...le.dll

windows11-21h2-x64

1

CraxsRat 7...et.dll

windows11-21h2-x64

1

CraxsRat 7...xs.dll

windows11-21h2-x64

1

CraxsRat 7...7z.dll

windows11-21h2-x64

3

CraxsRat 7...7z.exe

windows11-21h2-x64

7

CraxsRat 7...or.jar

windows11-21h2-x64

7

CraxsRat 7...pt.exe

windows11-21h2-x64

7

CraxsRat 7...er.jar

windows11-21h2-x64

7

CraxsRat 7...ol.jar

windows11-21h2-x64

7

CraxsRat 7...nk.ps1

windows11-21h2-x64

3

CraxsRat 7...ni.dll

windows11-21h2-x64

1

CraxsRat 7...-1.dll

windows11-21h2-x64

1

platformBi...32.dll

windows11-21h2-x64

1

platformBi...ge.dll

windows11-21h2-x64

1

platformBi...32.dll

windows11-21h2-x64

1

CraxsRat 7...n-2.pl

windows11-21h2-x64

3

CraxsRat 7...n-3.pl

windows11-21h2-x64

3

CraxsRat 7...n-6.pl

windows11-21h2-x64

3

CraxsRat 7...n-7.pl

windows11-21h2-x64

3

CraxsRat 7...n-8.pl

windows11-21h2-x64

3

Analysis

  • max time kernel
    1479s
  • max time network
    1498s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240426-en
  • resource tags

    arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    21-05-2024 15:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CraxsRat 7.4/res/Lib/ApkEditor.jar

  • Size

    2.9MB

  • MD5

    2a86a4e2a358bdef45ebdb9b1ad217b6

  • SHA1

    6f1474287e6e6f4b1264e48eda8b88dfb7b7a47f

  • SHA256

    6bcda26492a031fc63b0d0f7b6b4590ef5017cdecc134ee9768521b03833fe00

  • SHA512

    1e4eec08a13e72567bd2e565ddf08a17d098e470280a057c8d4c31cfd501482fe7e381364f456a31cad1b0dae69e85140111e776bbd4b95c0a450d7d7f82baa0

  • SSDEEP

    49152:R5DHKV0tkwisQD+Dt+C4e/4sLbTJ8Jxi18ZqByspA7P41Mwsw3Ga:Lz00tkw9Qa+BegsLbS3ksP4Nn3h

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar "C:\Users\Admin\AppData\Local\Temp\CraxsRat 7.4\res\Lib\ApkEditor.jar"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3868
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:1964

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    3ed9ee12e7eee00024534369ffd45a8d

    SHA1

    fdfc11397e37b720292fdd3cc0474a5321305b94

    SHA256

    0e17c5dbd5e6ca41a2e540881726027fbb41c47493e844b2f55d9d2a6210c4a9

    SHA512

    83c7ef8254319cd9e09c7760e3df86cd8b6a4556c90cf228e8e2fc4ada9a42de4759e6ef9eaa9bd928c05c6dbb5823ba5a920cc963c5b6ddf36b22f34220aacc

    Download Submit
  • memory/3868-2-0x0000028A9BA20000-0x0000028A9BC90000-memory.dmp
    Filesize

    2.4MB

    Download
  • memory/3868-13-0x0000028A9BA00000-0x0000028A9BA01000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3868-14-0x0000028A9BA20000-0x0000028A9BC90000-memory.dmp
    Filesize

    2.4MB

    Download