Phishing email attachments deliver Crimson RAT

Summary

With a malicious intent to attack financial institutions, attackers deliver Crimson RAT via email attachments and links shared through phishing emails. 

The Carrier

  • Two separate spear-phishing email campaigns¬†deliver Crimson RAT through an attachment and a link.
  • The link sent through mail contains a malicious PE (executable) file. It has two ZIP files and a DOC file embedded in the resource section.
  • The attachment sent along with the email has an embedded malicious macro

Table of Contents

Request an easy and customized demo for free