General
-
Target
a352d00e0322a0e397f167c1164f7667c672935ba14d29c4f4b60f26d0a88f5d
-
Size
557KB
-
Sample
220625-v47g4afge5
-
MD5
11db2be72948149d039223e80f20c7bb
-
SHA1
f3c8ad546a0830a6d5eae197ef812479b1520696
-
SHA256
a352d00e0322a0e397f167c1164f7667c672935ba14d29c4f4b60f26d0a88f5d
-
SHA512
38457af6ec05d23d5851ec2f7d7f0e281fd9634df2d44a50db1a75c73c4e8c42bacfd7e77445f83a981e479dbb1cd27250f450900d05bef37f701f590c7bc91a
Static task
static1
Behavioral task
behavioral1
Sample
a352d00e0322a0e397f167c1164f7667c672935ba14d29c4f4b60f26d0a88f5d.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
a352d00e0322a0e397f167c1164f7667c672935ba14d29c4f4b60f26d0a88f5d.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
a352d00e0322a0e397f167c1164f7667c672935ba14d29c4f4b60f26d0a88f5d
Score
10/10
-
ParallaxRat payload
Detects payload of Parallax RAT, a small portable RAT usually digitally signed with a Sectigo certificate.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Adds Run key to start application
-