crimsonrat | 218a3a1f233acd4e53bc25d4be1919a926cf72ac5f787c779c8b52e3c9a66e44 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

.html

windows11-21h2-x64

Resubmissions

22/01/2025, 12:48

250122-p189maxjfs 10

22/01/2025, 12:46

250122-pzmdgaxjat 10

22/01/2025, 12:43

250122-pxynqawrcy 8

Sharing

General

Target

.
Size

474B
Sample

250122-p189maxjfs
MD5

10957f24772eea915bc129c12ad964c9
SHA1

875b9ce0b9fe2f519d28cc8a3e8e957db9779360
SHA256

218a3a1f233acd4e53bc25d4be1919a926cf72ac5f787c779c8b52e3c9a66e44
SHA512

dd351894c8596e496a8e3ee3411e7b4a9cca1b9d13919eaa333c1b093377c18c93d8b2002b36027fb398685907b558a9021e60d8af51b2711c4452b1ff8d1602

Score

10^/10

crimsonrat defense_evasion discovery rat

Static task

static1

Behavioral task

behavioral1

Sample

.html

Resource

win11-20241007-en

crimsonrat defense_evasion discovery rat

windows11-21h2-x64

19 signatures

150 seconds

Malware Config

Extracted

Family

crimsonrat

C2

185.136.161.124

Targets

- Target
  
  .
- Size
  
  474B
- MD5
  
  10957f24772eea915bc129c12ad964c9
- SHA1
  
  875b9ce0b9fe2f519d28cc8a3e8e957db9779360
- SHA256
  
  218a3a1f233acd4e53bc25d4be1919a926cf72ac5f787c779c8b52e3c9a66e44
- SHA512
  
  dd351894c8596e496a8e3ee3411e7b4a9cca1b9d13919eaa333c1b093377c18c93d8b2002b36027fb398685907b558a9021e60d8af51b2711c4452b1ff8d1602
Score

10^/10

crimsonrat defense_evasion discovery rat
- CrimsonRAT main payload
- CrimsonRat
  Crimson RAT is a malware linked to a Pakistani-linked threat actor.
  rat crimsonrat
- Crimsonrat family
  crimsonrat
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

crimsonratdefense_evasiondiscoveryrat

© 2018-2025

Terms | Privacy