General

  • Target

    diagnostic.exe

  • Size

    2.0MB

  • Sample

    210203-9k55pxfwqj

  • MD5

    56116fa25cf66f595374b8ce3a1b4e2c

  • SHA1

    c50b220f1193a75198f7dadaafa2d0f045f9449a

  • SHA256

    3361515c7847b7f3aa44b45da30581ad9e5af35fdc2489ff95d312a3f4a5e4a7

  • SHA512

    7e87dbc5d91ac0f23156269931fa0639a292a764c43e7379df0aeee9b43c0a96395b77f33f96fe5c1e6c6dfd6299fb7c6ab46416c0eb55655f704d5605a36568

Score
10/10

Malware Config

Targets

    • Target

      diagnostic.exe

    • Size

      2.0MB

    • MD5

      56116fa25cf66f595374b8ce3a1b4e2c

    • SHA1

      c50b220f1193a75198f7dadaafa2d0f045f9449a

    • SHA256

      3361515c7847b7f3aa44b45da30581ad9e5af35fdc2489ff95d312a3f4a5e4a7

    • SHA512

      7e87dbc5d91ac0f23156269931fa0639a292a764c43e7379df0aeee9b43c0a96395b77f33f96fe5c1e6c6dfd6299fb7c6ab46416c0eb55655f704d5605a36568

    Score
    10/10
    • ParallaxRat

      ParallaxRat is a multipurpose RAT written in MASM.

    • ParallaxRat payload

      Detects payload of Parallax Rat, a small portable Rat usually digitally signed with a Sectigo certificate.

    • Blocklisted process makes network request

    • Drops startup file

    • Enumerates physical storage devices

      Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

MITRE ATT&CK Enterprise v6

Tasks