General

  • Target

    Scan_Doc.xll

  • Size

    2.5MB

  • Sample

    230721-g6mntada4s

  • MD5

    ba04aac6f4c36a1593fa81ca60722454

  • SHA1

    0ccd54e2ba3088ce59180a21eb7682f479572550

  • SHA256

    55de849673b3d780491bb00996943f1914de77692b1218e798821fe8c22ea55c

  • SHA512

    7ba50edd4530a9820da132d988f8934b096c33f2ace3e5aa0ec8595041f71aca676e354662840238d66496b3b7b01ba377444ccc3564589b6ffd32d587705be9

  • SSDEEP

    49152:G8XR54rGnugTn7g+Zp5Ybl3Qgx8Abu1sG9lmx2bcrMrvHEP31Un:G8Xr4wTnE+Z0l7i1XpwrMDktU

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source

Targets

    • Target

      Scan_Doc.xll

    • ParallaxRat

      ParallaxRat is a multipurpose RAT written in MASM.

    • ParallaxRat payload

      Detects the payload of Parallax RAT, a small portable RAT usually digitally signed with a Sectigo certificate.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL
