crimsonrat | 3217397c6b12d88b5039a4c42848d8a6b03c37ecf322d9cf0836eebacc81149f | Triage

Submit
Reports

Overview

overview

Static

static

1

3217397c6b...f.xlam

windows7-x64

3217397c6b...f.xlam

windows10-2004-x64

7

Sharing

General

Target

3217397c6b12d88b5039a4c42848d8a6b03c37ecf322d9cf0836eebacc81149f
Size

157KB
Sample

250218-1d6qrs1ps8
MD5

164f7996b586499ba1ebdb8e10f5581e
SHA1

72c005e12d9ee2c33c161c37eccbea2b7922be12
SHA256

3217397c6b12d88b5039a4c42848d8a6b03c37ecf322d9cf0836eebacc81149f
SHA512

c88a1c95dc83bf8bbacbd93cf9d9519a23de7e0158c8f39b2a371963e58eba25610562097c9d679f868e7aa0799cc4bb91e78acf8b82a9d8d09e7c8bdf6e0790
SSDEEP

3072:FMKu+tcIroKu3COaWgPn8/wa+5pbthx0cLKCFj8Q8YwzpsYc4o+1HBZGBG:FM3nIrhu3Pa//tLvmQopcnqhZ6G

Score

10^/10

crimsonrat discovery rat

Static task

static1

Behavioral task

behavioral1

Sample

3217397c6b12d88b5039a4c42848d8a6b03c37ecf322d9cf0836eebacc81149f.xlam

Resource

win7-20241023-en

crimsonrat discovery rat

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

3217397c6b12d88b5039a4c42848d8a6b03c37ecf322d9cf0836eebacc81149f.xlam

Resource

win10v2004-20250217-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

crimsonrat

C2

209.127.18.107

101.125.206.108

Targets

- Target
  
  3217397c6b12d88b5039a4c42848d8a6b03c37ecf322d9cf0836eebacc81149f
- Size
  
  157KB
- MD5
  
  164f7996b586499ba1ebdb8e10f5581e
- SHA1
  
  72c005e12d9ee2c33c161c37eccbea2b7922be12
- SHA256
  
  3217397c6b12d88b5039a4c42848d8a6b03c37ecf322d9cf0836eebacc81149f
- SHA512
  
  c88a1c95dc83bf8bbacbd93cf9d9519a23de7e0158c8f39b2a371963e58eba25610562097c9d679f868e7aa0799cc4bb91e78acf8b82a9d8d09e7c8bdf6e0790
- SSDEEP
  
  3072:FMKu+tcIroKu3COaWgPn8/wa+5pbthx0cLKCFj8Q8YwzpsYc4o+1HBZGBG:FM3nIrhu3Pa//tLvmQopcnqhZ6G
Score

10^/10

crimsonrat discovery rat
- CrimsonRat
  Crimson RAT is a malware linked to a Pakistani-linked threat actor.
  rat crimsonrat
- Crimsonrat family
  crimsonrat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

crimsonratdiscoveryrat

behavioral2

© 2018-2025

Terms | Privacy