General
Target: d6c31353e7839916fe4792fd8a46e7ba46e414293104ed8e96112c0de70a4876
Size: 5.2MB
Sample: 211028-p7hegsgdbn
MD5: 108a4002c63e362c2d22ebb9f409e94c
SHA1: 3f150d1d4f5461306f60d904302cf96cfd3103ef
SHA256: d6c31353e7839916fe4792fd8a46e7ba46e414293104ed8e96112c0de70a4876
SHA512: 8ab9feda41bf0f3e19ce130354f47df938bcb4a5ef8a048a8401e899ee9b7b0a997662e8742688fc8fef190f26560e409ecff749cd2743aa8d0d4a0af384bfbc
Static task: static1
Behavioral task: behavioral1
Sample: d6c31353e7839916fe4792fd8a46e7ba46e414293104ed8e96112c0de70a4876.exe
Resource: win7-en-20211014
Malware Config
Targets
ParallaxRat payload
Detects payload of Parallax RAT, a small portable RAT usually digitally signed with a Sectigo certificate.
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-