General
-
Target
4f802e2ae77ec84155954b73d61bde410b93c2a32a1db93c61692889570001f3
-
Size
4.1MB
-
Sample
220201-hrh8hsadgk
-
MD5
c351a6e4fcf4e222def71a4b1dda3773
-
SHA1
064799d1729a4980d44d8a6c5b527b28027e558a
-
SHA256
4f802e2ae77ec84155954b73d61bde410b93c2a32a1db93c61692889570001f3
-
SHA512
f025a22222dd1cc87d35ed2c8000b0127e7636812321375f2e8b8176a3c92ee4ee303c59ba46e1e37b21f6c697948753d5666bcc7973f8c820deed7f54526a44
Static task
static1
Behavioral task
behavioral1
Sample
MAILPRIN.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
MAILPRIN.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
MAILPRIN.EXE
-
Size
3.6MB
-
MD5
f3657fe3d3aa2264fc487d7d2e35a06a
-
SHA1
85c5b30ebe711953857cc6d5e5c52dc51786c518
-
SHA256
0232fe4b3256a6a4700de482e5e9074baf4548d7604cf4404182be73353ee32f
-
SHA512
f4a1186373821716e75b85405d7e31938902e9d1774d5c897f16baeb31bb0d227406011e6e462875c4a29ebbd85961213b98c780bf80a0e4a54bbbde61236cf4
Score
10/10
-
ParallaxRat payload
Detects the payload of Parallax RAT, a small portable RAT that is usually digitally signed with a Sectigo certificate.
-
Sets service image path in registry
-
Drops startup file
-