General

  • Target

    88477944391273032e6d823165775f6bd063b938f23969c4d2bb9fbe0dfed52e

  • Size

    368KB

  • Sample

    220524-1mv1madadm

  • MD5

    83105323fc94c3501160918c1ba9c808

  • SHA1

    f4487411e8a277c40eb1005416029b9d7d58c46c

  • SHA256

    88477944391273032e6d823165775f6bd063b938f23969c4d2bb9fbe0dfed52e

  • SHA512

    86c2e89813b400c896af55d3f6b4a0e6749de674cdc363e95bb1d65cfcd0a1bc454bec2d2617edbbe37838828f4ca3ba523a55a8982c2d061efa70131fdb831d

Targets

    • Target

      88477944391273032e6d823165775f6bd063b938f23969c4d2bb9fbe0dfed52e

    • ParallaxRat

      ParallaxRat is a multipurpose RAT written in MASM.

    • ParallaxRat payload

      Detects the payload of Parallax RAT, a small portable RAT usually digitally signed with a Sectigo certificate.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
