General

  • Target

    CraxsRat v4.9.5.zip

  • Size

    202.9MB

  • Sample

    241221-qfl42azqbl

  • MD5

    7500401b8191aaa4fffd67f8c6bc66c0

  • SHA1

    c671f3d06004c09bbc93dfd9cd5e03b1f3b02558

  • SHA256

    9a36c8468bb8d00af6a292ab0daa6e70085ca85d0b3d9300570efea167b4a80b

  • SHA512

    3d881dd0c37d8a75c113de55ed4091c2c4b147c69ae59eabb1da4d931061a7826adf4b85a5e9548df089bd89998453438c627c6b5a44d58a913670d10f45f585

  • SSDEEP

    6291456:L8Dcuk7vb0d6rJLAJ2W9oN7ZiLb74IqGQezH6lr:Lichj0I1TpkzGGlH6t
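
The digests above identify the exact archive the sandbox detonated. Before reproducing the run or pivoting on these IOCs, an analyst should confirm that the file in hand is the same sample and should inspect the archive statically rather than opening it. The script below is an added example, not part of the sandbox report: it streams the file through MD5/SHA1/SHA256/SHA512 (SSDEEP needs the separate ssdeep library and is left out), reports which digests disagree with the page, and lists ZIP members that begin with the "MZ" DOS header without extracting anything to disk. The archive it builds for demonstration is a constructed stand-in, not the real CraxsRat v4.9.5.zip.

```python
import hashlib
import io
import zipfile

# Digests published in the sandbox report for CraxsRat v4.9.5.zip (copied from the page).
REPORT_HASHES = {
    "md5": "7500401b8191aaa4fffd67f8c6bc66c0",
    "sha1": "c671f3d06004c09bbc93dfd9cd5e03b1f3b02558",
    "sha256": "9a36c8468bb8d00af6a292ab0daa6e70085ca85d0b3d9300570efea167b4a80b",
    "sha512": "3d881dd0c37d8a75c113de55ed4091c2c4b147c69ae59eabb1da4d931061a7826adf4b85a5e9548df089bd89998453438c627c6b5a44d58a913670d10f45f585",
}

CHUNK = 1024 * 1024  # hash in 1 MiB chunks so a 200 MB archive is never fully in memory


def compute_hashes(stream) -> dict:
    """Return MD5/SHA1/SHA256/SHA512 hex digests of a bytes object or binary file-like object."""
    if isinstance(stream, (bytes, bytearray)):
        stream = io.BytesIO(stream)
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    while True:
        block = stream.read(CHUNK)
        if not block:
            break
        for h in hashers.values():
            h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify_against_report(data, expected=REPORT_HASHES) -> list:
    """Names of algorithms whose digest does NOT match the report; an empty list means same sample."""
    actual = compute_hashes(data)
    return [name for name, digest in expected.items() if actual[name] != digest.lower()]


def find_pe_members(zip_bytes: bytes) -> list:
    """List archive members whose first two bytes are the 'MZ' DOS header.
    Only those two bytes are decompressed and nothing is written to disk."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as member:
                if member.read(2) == b"MZ":
                    hits.append(info.filename)
    return hits


def build_constructed_zip() -> bytes:
    """Constructed stand-in archive (NOT the real sample): one fake PE stub and one text file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("CraxsRat/readme.txt", "constructed placeholder\n")
        zf.writestr("CraxsRat/installer.exe", b"MZ" + b"\x00" * 62)
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_constructed_zip()
    # The stand-in is not the reported sample, so all four algorithms are reported as mismatched.
    print("mismatched algorithms:", verify_against_report(sample))
    print("PE members:", find_pe_members(sample))
```

To check a real download, pass an open file instead of bytes: `verify_against_report(open("CraxsRat v4.9.5.zip", "rb"))` should return an empty list if the archive is the one the report describes. The "MZ" check is a cheap first pass for the dropped-EXE behaviour the signatures list below; it does not replace a proper PE or .NET header parse.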

Malware Config

Targets

    • Target

      CraxsRat v4.9.5.zip

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • .NET Reactor protector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks