Analysis

  • max time kernel
    49s
  • max time network
    105s
  • platform
    macos-10.15_amd64
  • resource
    macos-20241101-en
  • resource tags

    arch:amd64 arch:i386 image:macos-20241101-en kernel:19b77a locale:en-us os:macos-10.15-amd64 system
  • submitted
    16-11-2024 21:14

General

  • Target

    CrimsonRAT.exe

  • Size

    84KB

  • MD5

    b6e148ee1a2a3b460dd2a0adbf1dd39c

  • SHA1

    ec0efbe8fd2fa5300164e9e4eded0d40da549c60

  • SHA256

    dc31e710277eac1b125de6f4626765a2684d992147691a33964e368e5f269cba

  • SHA512

    4b8c62ddfc7cd3e5ce1f8b5a1ba4a611ab1bfccf81d80cf2cfc831cffa1d7a4b6da0494616a53b419168bc3a324b57382d4a6186af083de6fc93d144c4503741

  • SSDEEP

    1536:IjoAILD000jsdtP66K3uch3bCuExwwSV712fRp1Oo2IeG:IqLD000wD6VRhLbzwSv2H1beG

Score
1/10

Malware Config

Signatures

Processes

  • /bin/sh
    sh -c "sudo /bin/zsh -c \"/Users/run/CrimsonRAT.exe\""
    1⤵
      PID:473
    • /bin/bash
      sh -c "sudo /bin/zsh -c \"/Users/run/CrimsonRAT.exe\""
      1⤵
        PID:473
      • /usr/bin/sudo
        sudo /bin/zsh -c /Users/run/CrimsonRAT.exe
        1⤵
          PID:473
          • /bin/zsh
            /bin/zsh -c /Users/run/CrimsonRAT.exe
            2⤵
              PID:474
            • /Users/run/CrimsonRAT.exe
              /Users/run/CrimsonRAT.exe
              2⤵
                PID:474
            • /usr/libexec/xpcproxy
              xpcproxy com.apple.sysmond
              1⤵
                PID:483
              • /usr/libexec/sysmond
                /usr/libexec/sysmond
                1⤵
                  PID:483

Network

MITRE ATT&CK Matrix

Downloads