crimsonrat | dafa62260b8f61cb5d22c73cdc74c43a8c427bc28de420fb33a08f0f312b0b6d | Triage

Submit
Reports

Overview

overview

Static

static

1

juicewrld.jpg

windows7-x64

juicewrld.jpg

windows10-2004-x64

1

Sharing

General

Target

juicewrld.jpeg
Size

152KB
Sample

250317-a6378syjv4
MD5

5252a0128845849d952cec74c84cbee7
SHA1

2c5fce854b92be89c8ac62ba8ae136cdd1029307
SHA256

dafa62260b8f61cb5d22c73cdc74c43a8c427bc28de420fb33a08f0f312b0b6d
SHA512

416e886bdf9072682c070a7ef8cfa400815807c8711242e55fc7dd27628156f84cd31fa8c6b66767de4e399cdf5b7c7a139add6180a64ac9f7ff944c79d4a02e
SSDEEP

3072:SMLL+MWEsIWEovj1GIliHyAHTZ5Vh2sVlv/+Ho8y+H:SM1WEiUI27Vwsrv/s3H

Score

10^/10

crimsonrat discovery rat

Static task

static1

Behavioral task

behavioral1

Sample

juicewrld.jpg

Resource

win7-20240729-en

crimsonrat discovery rat

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

juicewrld.jpg

Resource

win10v2004-20250314-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

crimsonrat

C2

185.136.161.124

Targets

- Target
  
  juicewrld.jpeg
- Size
  
  152KB
- MD5
  
  5252a0128845849d952cec74c84cbee7
- SHA1
  
  2c5fce854b92be89c8ac62ba8ae136cdd1029307
- SHA256
  
  dafa62260b8f61cb5d22c73cdc74c43a8c427bc28de420fb33a08f0f312b0b6d
- SHA512
  
  416e886bdf9072682c070a7ef8cfa400815807c8711242e55fc7dd27628156f84cd31fa8c6b66767de4e399cdf5b7c7a139add6180a64ac9f7ff944c79d4a02e
- SSDEEP
  
  3072:SMLL+MWEsIWEovj1GIliHyAHTZ5Vh2sVlv/+Ho8y+H:SM1WEiUI27Vwsrv/s3H
Score

10^/10

crimsonrat discovery rat
- CrimsonRAT main payload
- CrimsonRat
  Crimson RAT is a malware linked to a Pakistani-linked threat actor.
  rat crimsonrat
- Crimsonrat family
  crimsonrat
- Downloads MZ/PE file
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

crimsonratdiscoveryrat

behavioral2

© 2018-2025

Terms | Privacy