General

  • Target

    614812173a116f9fbf2ca956993d71b5883f825d17602f873042d79cc79e76f8

  • Size

    6.0MB

  • Sample

    211102-kfa4wacbe3

  • MD5

    9a409403b60186cb143bf9970cc6a676

  • SHA1

    9e135638b94a60bddf1822a1eaece6d98a8da101

  • SHA256

    614812173a116f9fbf2ca956993d71b5883f825d17602f873042d79cc79e76f8

  • SHA512

    4da5965ac5f0ef10584e4a9f372d91cf847548f3a3ee7130a411643928303d843940d7b8f81ed11b8378efe1e00bf18749b2634099edd764381c5727dc6569dd

Targets

    • Target

      614812173a116f9fbf2ca956993d71b5883f825d17602f873042d79cc79e76f8

    • ParallaxRat

      ParallaxRat is a multipurpose RAT written in MASM.

    • ParallaxRat payload

      Detects the payload of Parallax RAT, a small portable RAT that is usually digitally signed with a Sectigo certificate.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
