Overview

overview

10

Static

static

8bed7d919d...76.exe

windows7_x64

10

8bed7d919d...76.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8bed7d919d14af37a609f7c0501d58405e51ee10b3b129fbe25e040a3dd3a576

  • Size

    2.6MB

  • Sample

    211027-k3bc6abch2

  • MD5

    070fda7ec3fff56936fc67efb7b783eb

  • SHA1

    eba99aa986390748c0be4287fffbf6b98609db3b

  • SHA256

    8bed7d919d14af37a609f7c0501d58405e51ee10b3b129fbe25e040a3dd3a576

  • SHA512

    79e695eb97f902bd1ce94b1f862ed79228188f1424e5f28e00cf2013f616581f362c2a016eabd31c308654a05ef33f3805a2add22ad09aa4e62a875386f4fd6d

Score
10/10
parallaxratspywarestealer

Malware Config

Targets

    • Target

      8bed7d919d14af37a609f7c0501d58405e51ee10b3b129fbe25e040a3dd3a576

    • Size

      2.6MB

    • MD5

      070fda7ec3fff56936fc67efb7b783eb

    • SHA1

      eba99aa986390748c0be4287fffbf6b98609db3b

    • SHA256

      8bed7d919d14af37a609f7c0501d58405e51ee10b3b129fbe25e040a3dd3a576

    • SHA512

      79e695eb97f902bd1ce94b1f862ed79228188f1424e5f28e00cf2013f616581f362c2a016eabd31c308654a05ef33f3805a2add22ad09aa4e62a875386f4fd6d

    Score
    10/10
    parallaxratspywarestealer

    • ParallaxRat

      ParallaxRat is a multipurpose RAT written in MASM.

      ratparallax

    • ParallaxRat payload

      Detects payload of Parallax Rat, a small portable Rat usually digitally signed with a Sectigo certificate.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks