crimsonrat | 26ecb3cd51fbaab64cfc024eabe3c0c8230001594be9b34b9e943d01fe02ea79 | Triage

Submit
Reports

Overview

overview

Static

static

1

SteamRIP -...].html

windows10-2004-x64

Sharing

General

Target

SteamRIP - 🧠-palace-of-humility [1256286199694495844].html
Size

238KB
Sample

240819-k87zbaygpm
MD5

17ff4593972658c0964b6813e1aab14d
SHA1

4d2257ff540dd6e1ab14fce6a4aa1be96721ce3b
SHA256

26ecb3cd51fbaab64cfc024eabe3c0c8230001594be9b34b9e943d01fe02ea79
SHA512

64367f97c622f38a74ead0b7596dfef0c282c28e35e70bb5affec99d28f9358b96eaf7af9f4fd7b85af28b9ce7887e58f8bcc83abc76946a88dba94d77d6ae63
SSDEEP

1536:4MNDL8DMDahDEqlDO/RnXbvYEVoSWaoo1TREiDQcD0sFbyMzQrHPDfaS3epmxZCr:NeCuTsX8XDzsl+SRP

Score

10^/10

crimsonrat discovery rat upx

Static task

static1

Behavioral task

behavioral1

Sample

SteamRIP - 🧠-palace-of-humility [1256286199694495844].html

Resource

win10v2004-20240802-en

crimsonrat discovery rat upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

crimsonrat

C2

185.136.161.124

Targets

- Target
  
  SteamRIP - 🧠-palace-of-humility [1256286199694495844].html
- Size
  
  238KB
- MD5
  
  17ff4593972658c0964b6813e1aab14d
- SHA1
  
  4d2257ff540dd6e1ab14fce6a4aa1be96721ce3b
- SHA256
  
  26ecb3cd51fbaab64cfc024eabe3c0c8230001594be9b34b9e943d01fe02ea79
- SHA512
  
  64367f97c622f38a74ead0b7596dfef0c282c28e35e70bb5affec99d28f9358b96eaf7af9f4fd7b85af28b9ce7887e58f8bcc83abc76946a88dba94d77d6ae63
- SSDEEP
  
  1536:4MNDL8DMDahDEqlDO/RnXbvYEVoSWaoo1TREiDQcD0sFbyMzQrHPDfaS3epmxZCr:NeCuTsX8XDzsl+SRP
Score

10^/10

crimsonrat discovery rat upx
- CrimsonRAT main payload
- CrimsonRat
  Crimson RAT is a malware linked to a Pakistani-linked threat actor.
  rat crimsonrat
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

crimsonratdiscoveryratupx

© 2018-2024

Terms | Privacy