General

  • Target

    efeae42fa3e5f7e5b088384977e2cfc9296e26c53437c138c4e711a8815eaed1

  • Size

    10.1MB

  • Sample

    211021-mdnnasbabn

  • MD5

    a65903fca5089fb8959cd9ea6c96da3b

  • SHA1

    0937bbe1199fdca67cad8836e0b3b109aead8fb6

  • SHA256

    efeae42fa3e5f7e5b088384977e2cfc9296e26c53437c138c4e711a8815eaed1

  • SHA512

    5522fed40404d9eebadf550daaa7461c49bd0f95e397cf4c6564d993306877259bd32c2ee1ee234a2e5210ee52bbc0aea8248c2f1556e77b321ebd93348f9dcd

Targets

    • ParallaxRat

      ParallaxRat is a multipurpose RAT written in MASM.

    • ParallaxRat payload

      Detects payload of Parallax Rat, a small portable Rat usually digitally signed with a Sectigo certificate.

    • suricata: ET MALWARE Parallax CnC Response Activity M14

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL
