General
-
Target
ab711cdbe0142ca44fc643c6741f396e5d027458253a985a2eb8cd9258f94b59.bin
-
Size
3.3MB
-
Sample
211108-ql86rahcdn
-
MD5
bf815840ff00a0c3ba04d47cc2d158ee
-
SHA1
c4852fecddf4aa661b46d61866b2b1e8893b5048
-
SHA256
ab711cdbe0142ca44fc643c6741f396e5d027458253a985a2eb8cd9258f94b59
-
SHA512
c8d97bd92e7d873e45b4ea77032d7f6caebb644a361b2bfdc876b66f2925218082107143d0052b2259404fbfd884c3a8665a61f5640c7e6dd825899038281267
Static task
static1
Behavioral task
behavioral1
Sample
ab711cdbe0142ca44fc643c6741f396e5d027458253a985a2eb8cd9258f94b59.bin.exe
Resource
win7-en-20211014
Malware Config
Targets
-
Target
ab711cdbe0142ca44fc643c6741f396e5d027458253a985a2eb8cd9258f94b59.bin
-
ParallaxRat payload
Detects the payload of Parallax RAT, a small portable RAT usually digitally signed with a Sectigo certificate.
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-