parallax | 94510c2d7148d7375fb511b7489a23d5fc37db9919f4569bfaec9ee913a87240 | Triage

Sharing

General

Target

8X.rar
Size

2.0MB
Sample

230205-lcdk9scc7t
MD5

152d2cba0253fa560eed0a91b69edaa4
SHA1

0937bcb799aae2ae4e19d68a81687de001fdeaab
SHA256

94510c2d7148d7375fb511b7489a23d5fc37db9919f4569bfaec9ee913a87240
SHA512

9c79038111d7100683e6997ff7544d0f2c670746eb5a4bd12f3963e33ee1ad6c25c9e2ec46bfc8f47f5c79e717d02eb57d0b51c9d4af3f99c49d0b60d9af2a9f
SSDEEP

49152:+k8XL2SHv1toc+/dU8tMvuDdWXNw+Kx1T8TFO00kl:+kiLnNto//djtMvxCn5iF5x

Score

10^/10

parallax rat

Malware Config

Targets

- Target
  
  8X/Code_Of_Conduct_-_2023(EN-US).exe
- Size
  
  3.1MB
- MD5
  
  e82211b4675c0f9d9bf66e4d8cc21f33
- SHA1
  
  752f2b5cd8212637c6bb33e103be01bf18abd1e0
- SHA256
  
  dfd6626c2da60e9af7b6a1fefa726056239aa675022542ca69e0cf7f3db35fe4
- SHA512
  
  92ff39ff6dadea5d98352d9ab6c4ba256a68a087b2030f1803b772f0f5f85723b450a7ce80b25361f16dfca47edca724868a26f11fce6050280a80c858cf6311
- SSDEEP
  
  24576:VcqJge1JYGhCP3dbTb2XShCFVshuhBcomEl+11sHLYx9ptbVT/QgI:myXALoh+KYVbVe
Score

10^/10

parallax rat
- ParallaxRat
  ParallaxRat is a multipurpose RAT written in MASM.
  rat parallax
- ParallaxRat payload
  Detects payload of Parallax Rat, a small portable Rat usually digitally signed with a Sectigo certificate.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
behavioral1 behavioral2
- Target
  
  8X/MEXCGBL_COC_JAN23(JP).pdf.exe
- Size
  
  3.2MB
- MD5
  
  4213034709d158d906bc9f6c939a60cd
- SHA1
  
  6a9be511949d2f973150b4a110d4b881407f3575
- SHA256
  
  996032d5038305591ff35a216874b4ecc748d3c1237442b532bb053b0a932c6c
- SHA512
  
  e46e73321676ceaae08dc5b6241697eb3d64ab7b6c1f2a1c23f09932435ebac52a447b1ebdd942c668f0505195daaa28486d44de8cd9f7319765f319668a5495
- SSDEEP
  
  24576:bcqJge1JYGhCP3dbTb2XShCFVshuhBcomEl+11sILYx9pn0VTVL79eWP:EyXALoh+9YvWTtZp
Score

10^/10

parallax rat
- ParallaxRat
  ParallaxRat is a multipurpose RAT written in MASM.
  rat parallax
- ParallaxRat payload
  Detects payload of Parallax Rat, a small portable Rat usually digitally signed with a Sectigo certificate.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
behavioral3 behavioral4
- Target
  
  8X/MEXCGBL_COC_JAN23(ZH-CN).pdf.exe
- Size
  
  3.2MB
- MD5
  
  7cb20a78a093bc41d110dbaf57fcd296
- SHA1
  
  a0894924c96a58f6a1e187d4df68a47716fdf94f
- SHA256
  
  31430b192bffe611f9c0699ea7b637fbbc0cc1fb58349aab32fa0e1d9b33bc46
- SHA512
  
  36b805d9eadfb4730dadecf18685f7e1b0c2ee9b990f44f1d16b9367ff76e3475a67595f32cf7848b361dbc2c1527959318d8462e7aed31b92154ef518a24dcc
- SSDEEP
  
  24576:rcqJge1JYGhCP3dbTb2XShCFVshuhBcomEl+11spLYx9pYH5SoqhkE2:0yXALoh+QYQH5Soqhk
Score

10^/10

parallax rat
- ParallaxRat
  ParallaxRat is a multipurpose RAT written in MASM.
  rat parallax
- ParallaxRat payload
  Detects payload of Parallax Rat, a small portable Rat usually digitally signed with a Sectigo certificate.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
behavioral5 behavioral6

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6