Overview

overview

10

Static

static

10

CraxsRat v...ny.dll

windows7-x64

1

CraxsRat v...ny.dll

windows10-2004-x64

1

CraxsRat v...ss.dll

windows7-x64

1

CraxsRat v...ss.dll

windows10-2004-x64

1

CraxsRat v...��.exe

windows7-x64

10

CraxsRat v...��.exe

windows10-2004-x64

10

CraxsRat v...rk.dll

windows7-x64

1

CraxsRat v...rk.dll

windows10-2004-x64

1

CraxsRat v...ys.dll

windows7-x64

1

CraxsRat v...ys.dll

windows10-2004-x64

1

CraxsRat v...PS.dll

windows7-x64

1

CraxsRat v...PS.dll

windows10-2004-x64

1

CraxsRat v...ms.dll

windows7-x64

1

CraxsRat v...ms.dll

windows10-2004-x64

1

CraxsRat v...pf.dll

windows7-x64

1

CraxsRat v...pf.dll

windows10-2004-x64

1

CraxsRat v...ts.dll

windows7-x64

1

CraxsRat v...ts.dll

windows10-2004-x64

1

CraxsRat v...io.dll

windows7-x64

1

CraxsRat v...io.dll

windows10-2004-x64

1

CraxsRat v...on.dll

windows7-x64

1

CraxsRat v...on.dll

windows10-2004-x64

1

CraxsRat v...le.dll

windows7-x64

1

CraxsRat v...le.dll

windows10-2004-x64

1

CraxsRat v...el.lnk

windows7-x64

3

CraxsRat v...el.lnk

windows10-2004-x64

7

CraxsRat v...rk.exe

windows7-x64

1

CraxsRat v...rk.exe

windows10-2004-x64

1

CraxsRat v...et.dll

windows7-x64

1

CraxsRat v...et.dll

windows10-2004-x64

1

CraxsRat v...xs.dll

windows7-x64

1

CraxsRat v...xs.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    136s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    29-11-2024 17:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CraxsRat v7.6‌‌‌/Telegram Channel.lnk

  • Size

    1KB

  • MD5

    4e0880288ad4607823df224723cd5c3c

  • SHA1

    ca7a9cbbb1c5a2af44102a45c578b4e10601873e

  • SHA256

    aeede2993a3dd6053b6bcb19fe3ad1fbb9b69fc54b5aef79ef58b279f558346f

  • SHA512

    85d82b3be13368dd254fc967793813b4eb6c4b89bd21bebb27f68cf12d06dc1ae6335ec113650c30d8e6904f54163f7bc78746b1505b7494d9e220bd7d7e2d91

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 10 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\CraxsRat v7.6‌‌‌\Telegram Channel.lnk"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2492
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe" "https://t.me/ThreatCommunity"
      2⤵
        PID:2092
    • C:\Windows\explorer.exe
      C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:2756
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" https://t.me/ThreatCommunity
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2808
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2808 CREDAT:275457 /prefetch:2
          3⤵
          • System Location Discovery: System Language Discovery
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:2792

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      fd48346b01363722c6103a15bac56b59

      SHA1

      6c861bc2366485ec9c2dfe20b6da17c913e15391

      SHA256

      d410194bf5c35bbef602718ca7ba7b52835397ec05303aa23ec6bde3daadb5ef

      SHA512

      a1b856437b417fd6e342971bf05fb70fd1499c59aa006c97655c3a83cea443c457be63a74ebeb3f63578f43d2c6f07b20c9441f555c6232e3ce1fa9cf1495c80

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      6894f64d882144dddf14bbd21e5795c9

      SHA1

      f4d004efcf68962af72892e95bbdfcaf105da61b

      SHA256

      0531ff7eb402d53fffc5d5125fc266b6bba63a7e0c6ac36fb347a9c369f433f9

      SHA512

      b71d2ec769d9f867bace84d5befebf31a01ac80450f1d94ce17cd8a9d991a048e2265dbfed137872146b8af4acc1d3a9251dff48e253e9ad310ddb8559673e8d

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      1fe83974e18e25b3a94e992e494af9ec

      SHA1

      abe97be08c5ff0376bd1d18c7718b1f9ab7b6587

      SHA256

      93dffe6c14f846448581940a14090a669e4e76fdd9cf95e2f1540c5586e40b48

      SHA512

      e73072b7ea9ee2f9f01ce55c8c5481d26d739fdffcbc51a292323427bb2bc24fc6b6d32e25c616f74f1ce3ccb8261f19d994e3e0ddca57b0cc253671f3c2e6b0

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      7c530471c19b06dbc33360b5c7f4f837

      SHA1

      d3275e469d4e747aa3123d0c8b3d959da518e563

      SHA256

      48830ed7694fb487f00034e23e263cf4f89b1f3d79f938696d384e2695d9ac88

      SHA512

      1b981e5043ffc81fa026fb832b5271a883aed3fb819abffc9cc5c994fd0aa9a958e589902ce6c09fc23ddc19a6016badccae0d6bc776a397aaffa266ad8d62bc

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      794e89733f9434c1ac85754b4a80efd0

      SHA1

      ac132dfb543c269b2857483308e379ff7dbdf38c

      SHA256

      d45fa47f62c0b41c6d86ae7cbf48e964b786f90bb90b1eac3c54a35097607a2e

      SHA512

      5172c46a0b7c3b5f04e0e227e007a6ae5fc538e3d820c09a7b9414d3fc688cefae84a4a87650cadaf8fd41c19c59e79dfce63dc9c57b957e66f8dde990663dca

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      3238a278b4f9ba03292e036d2f722a76

      SHA1

      08426d767e0ea67f8e4c91b87578bf446e405be3

      SHA256

      aa02754eec9c26324107d59e2a2358a17634761797566bdd8c0cd3d13c6eaa95

      SHA512

      9f225e8677692acf4575e4af2e3d6a71d502714696bf1c3facf31eccd988c3ec47ec6338a5ccceb404783dc761ce54922d2683c07a844f2431c17ba453257c1a

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      2e8a15acbe81ca7a4a476f16d9a19f42

      SHA1

      e4ca02e9bde1c7696f4b6356508852ca5d921ecc

      SHA256

      a35543d99a537f47661ff171b270683a704dea367163839b3359b30315226434

      SHA512

      52e3530cb9dfbf684aca7ebfb5d08cf07820441f5f8cbcac46198ce67836a0cd6ca70788660163117e1db39c409c9f843317d805eff3c09e7be5b7dab6a06ad5

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      0bf5b4297c70e2b73560436cf58c9352

      SHA1

      46638f59db000384151a0bf68831c33fb32d2697

      SHA256

      b6bb97c27345fa0008c96cd83e4917cad90a5c9821e88886967a0050dfede11e

      SHA512

      0a0e779c3cd1c7c94e208d52dcdc729932e4cf5014fc636134863f694bbfb3dc045a3cb9ae0046fdd113925d8691da3f33a3caa19939cfb8a14c32258784b610

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\CabE86F.tmp
      Filesize

      70KB

      MD5

      49aebf8cbd62d92ac215b2923fb1b9f5

      SHA1

      1723be06719828dda65ad804298d0431f6aff976

      SHA256

      b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

      SHA512

      bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\TarE91D.tmp
      Filesize

      181KB

      MD5

      4ea6026cf93ec6338144661bf1202cd1

      SHA1

      a1dec9044f750ad887935a01430bf49322fbdcb7

      SHA256

      8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

      SHA512

      6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

      Download Submit