CrimsonRAT

CrimsonRAT APT36 Transparent Tribe Pakistan 2017. ICWA Mumbai India diplomatic lure. java-for-minecraft.com. .NET+Delphi.

Threat Profile
Type RAT
Programming Language .NET
C2 Protocol TCP
First Seen 2018
Targets India, Pakistan (government, defense, think tanks)
Purpose / Capabilities
  • Cyber Espionage
  • File Theft
  • Remote Access

C2 Servers 2

2 Active
Address Port Protocol Status
java-for-minecraft.com 80 HTTP Active
java-for-minecraft.com 80 HTTP Active

⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.

Research Reports (3)

Critical

CrimsonRAT/APT36 -- ICWA India Diplomatic Invitation Letter Lure, java-for-minecraft.com | Critical

CrimsonRAT APT36 Transparent Tribe 4.7MB. Invitation-Letter-Fazel-Mumbai-House-ICWA lure. java-for-minecraft.com fake Java.

Critical

CrimsonRAT -- Mumbai Invitation Letter Lure, java-for-minecraft.com C2, India APT | Critical

CrimsonRAT ISO. Mumbai invitation letter lure. CLEARTEXT C2: java-for-minecraft.com. India APT targeting.

Critical

CrimsonRAT ISO Dropper -- APT36 ICWA India Lure, TLauncher Persistence, PowerShell Unblock | Critical

CrimsonRAT ISO dropper -- APT36-targeted ICWA India think-tank invitation, TLauncher.exe persistence, PowerShell Unblock-File bypass.
