General

  • Target

    389c556e30252966f34f1bc23348e182af2c0883771f9c8abe299a8ba54b1f6a

  • Size

    13.6MB

  • Sample

    210825-55z4q96vl2

  • MD5

    415c3aa31822921311e2f080b3814924

  • SHA1

    796231aacfe6bf73ac73e95f1f061307f6c3ae68

  • SHA256

    389c556e30252966f34f1bc23348e182af2c0883771f9c8abe299a8ba54b1f6a

  • SHA512

    637b3feb21e3a4fc497faa5e762d843acb3c2e8688f98cc2f30aaf468d9ac10d62dcbc7736baedb43e677674728afea748dc35acaff1c554ac754e5c8a6eff6a

Score
10/10

Targets

    • ParallaxRat

      ParallaxRat is a multipurpose RAT written in MASM.

    • ParallaxRat payload

      Detects payload of Parallax Rat, a small portable Rat usually digitally signed with a Sectigo certificate.

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL
