General
Target: 8c92dfd98d0da124299b28d92ad7b50d6b622e6078992df74a5e7b41261ad008.bin
Size: 6.0MB
Sample: 211102-jd44haghdl
MD5: 36439a5f029df1777b51a34bd454b9d2
SHA1: 66ab3a5c3f35fad196b07bc91930bcc171b0132f
SHA256: 8c92dfd98d0da124299b28d92ad7b50d6b622e6078992df74a5e7b41261ad008
SHA512: e412f202184412e39e8fed102b042c68e7b65eeb6545096481db3e62e5dfdf641031736f616e1cf7e61e59705473af37a1e7c0c13762cbdc5a6aa5acaace8da9
Static task: static1
Behavioral task: behavioral1
Sample: 8c92dfd98d0da124299b28d92ad7b50d6b622e6078992df74a5e7b41261ad008.bin.exe
Resource: win7-en-20211014
Malware Config
Targets
Target: 8c92dfd98d0da124299b28d92ad7b50d6b622e6078992df74a5e7b41261ad008.bin
-
ParallaxRat payload
Detects the payload of Parallax RAT, a small portable RAT usually digitally signed with a Sectigo certificate.
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-