General

  • Target

    packing list.xlsx.scr

  • Size

    1.3MB

  • Sample

    201016-n963mq3w6x

  • MD5

    4d0a93f479c185879347cff75337de5f

  • SHA1

    ff8159da86f6a43d07831c31b3b702375e71edf5

  • SHA256

    464b01b713a4c97b736dae0ea19855e97a172e7c11e9f7fe9ac0e054326c340c

  • SHA512

    1b4cf2d3df76552bb06e0fed18806911e2e19b545f076f3164532edd36f69ab22ad4c219e84b1f1b68aa5c4cdbeba356a161b71da0be3b95c54ea128fb427c42

Score
10/10

Targets

    • Target

      packing list.xlsx.scr

    • ParallaxRat

      ParallaxRat is a multipurpose RAT written in MASM.

    • ParallaxRat payload

      Detects payload of Parallax Rat, a small portable Rat usually digitally signed with a Sectigo certificate.

    • Suspicious use of SetThreadContext
