Analysis

  • max time kernel
    130s
  • max time network
    143s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system
  • submitted
    01-09-2024 16:31

General

  • Target

    CraxsRat V7/LiveCharts.Wpf.xml

  • Size

    171KB

  • MD5

    9cbc27f6b1afbc7f43a9ed07f784a73d

  • SHA1

    c15b3540ef31f3b229c3ffd6f5602aa7c04b3928

  • SHA256

    c18a11b019a56ec8e5916042a9f23a8655ea199bf2a4319573b18b7e035e3914

  • SHA512

    c39b9c022d8ffc6d651e6bc4aa60ab435318b69571e97c71b7ebb0c5b25d0b50cdb235ba4302c689be132e32fc0d13b686db5b4fa794f8db8342162a55dece58

  • SSDEEP

    1536:6/Jl3Mw7VTlv6aoz/Jj3WCQOtnPsJyjJ7t6U:oMwLv6aoFWCQOtnV

Score
1/10

Malware Config

Signatures

Processes

  • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
    "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\CraxsRat V7\LiveCharts.Wpf.xml"
      PID:2464

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/2464-1-0x00007FFAE502D000-0x00007FFAE502E000-memory.dmp

      Filesize

      4KB

    • memory/2464-0-0x00007FFAA5010000-0x00007FFAA5020000-memory.dmp

      Filesize

      64KB

    • memory/2464-2-0x00007FFAE4F90000-0x00007FFAE5185000-memory.dmp

      Filesize

      2.0MB

    • memory/2464-3-0x00007FFAE4F90000-0x00007FFAE5185000-memory.dmp

      Filesize

      2.0MB

    • memory/2464-4-0x00007FFAE4F90000-0x00007FFAE5185000-memory.dmp

      Filesize

      2.0MB