Overview

overview

10

Static

static

88c109e8bc...in.exe

windows7_x64

10

88c109e8bc...in.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    88c109e8bca8a35c02efa6ce6f27bb714d16623382cd8181011e8776c5f017a5.bin

  • Size

    10.1MB

  • Sample

    210906-lr7snaeafp

  • MD5

    5869105d4b319a612a5e25fa265fd85d

  • SHA1

    6988b2e332875d33524fdb2b7c63001f8a064fe7

  • SHA256

    88c109e8bca8a35c02efa6ce6f27bb714d16623382cd8181011e8776c5f017a5

  • SHA512

    735dd900728415dc25ea99c49f1dd49ceb9a02116f17333ff313fc8519aa7c5be12c8898be632eba473a7afa26f7e70f87f2396903b5e777d12d158078e63dc2

Score
10/10
parallaxratupx

Malware Config

Targets

    • Target

      88c109e8bca8a35c02efa6ce6f27bb714d16623382cd8181011e8776c5f017a5.bin

    • Size

      10.1MB

    • MD5

      5869105d4b319a612a5e25fa265fd85d

    • SHA1

      6988b2e332875d33524fdb2b7c63001f8a064fe7

    • SHA256

      88c109e8bca8a35c02efa6ce6f27bb714d16623382cd8181011e8776c5f017a5

    • SHA512

      735dd900728415dc25ea99c49f1dd49ceb9a02116f17333ff313fc8519aa7c5be12c8898be632eba473a7afa26f7e70f87f2396903b5e777d12d158078e63dc2

    Score
    10/10
    parallaxratupx

    • ParallaxRat

      ParallaxRat is a multipurpose RAT written in MASM.

      ratparallax

    • ParallaxRat payload

      Detects payload of Parallax Rat, a small portable Rat usually digitally signed with a Sectigo certificate.

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks