General
- Target: parallax.exe
- Size: 37KB
- Sample: 210721-7p5r49cvgs
- MD5: 4a7bed74f3cf9646b8417195b5e6f4c6
- SHA1: 5fad487e6e1beb22f20abb653343a0dca8c73b1d
- SHA256: 353960d78bf700a0b4a0ea1d41df188f0cc0a3c5a178b73ac64aca01ee3fdb4d
- SHA512: 349a8c5723e0aaf25d743490deea913e5da439394d135e7a9691ffc5618d4bdc3220f06def639a4d611f94c77729471fa6b8c6eac600ba2495db95a95784d8e4
Static task: static1
Behavioral task: behavioral1
- Sample: parallax.exe.dll
- Resource: win7v20210410
Malware Config
Extracted
systembc
149.248.34.200:4001
Targets
- Target: parallax.exe
- Blocklisted process makes network request
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications: Malware can proxy its traffic through Tor for more anonymity.