General
Target: packing list.xlsx.scr
Size: 1.3MB
Sample: 201016-n963mq3w6x
MD5: 4d0a93f479c185879347cff75337de5f
SHA1: ff8159da86f6a43d07831c31b3b702375e71edf5
SHA256: 464b01b713a4c97b736dae0ea19855e97a172e7c11e9f7fe9ac0e054326c340c
SHA512: 1b4cf2d3df76552bb06e0fed18806911e2e19b545f076f3164532edd36f69ab22ad4c219e84b1f1b68aa5c4cdbeba356a161b71da0be3b95c54ea128fb427c42

Static task: static1

Behavioral task: behavioral1
Sample: packing list.xlsx.scr
Resource: win7v200722
Malware Config
Targets
Target: packing list.xlsx.scr

ParallaxRat payload
Detects payload of Parallax RAT, a small portable RAT usually digitally signed with a Sectigo certificate.

Suspicious use of SetThreadContext