General

  • Target

    66dfb7c408d734edc2967d50244babae27e4268ea93aa0daa5e6bbace607024c.bin

  • Size

    6.9MB

  • Sample

    210727-dgddrxdble

  • MD5

    c6807985e9ac7a2d65b15728934c0a86

  • SHA1

    5d9a604584a5052d5bb7b277be339a1debeaaf59

  • SHA256

    66dfb7c408d734edc2967d50244babae27e4268ea93aa0daa5e6bbace607024c

  • SHA512

    007069f54c3f9ae76056581ded22fe1cb870ca711e2e9b1204fb9584c7918a9dc974b1491614da668a5b45b8463f9994075c525255a72744a03f953dde7b51ac

Targets

    • ParallaxRat

      ParallaxRat is a multipurpose RAT written in MASM.

    • ParallaxRat payload

      Detects the payload of Parallax RAT, a small portable RAT that is usually digitally signed with a Sectigo certificate.

    • suricata: ET MALWARE Parallax CnC Response Activity M14

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL
