General
-
Target
Scan_Doc.xll
-
Size
2.5MB
-
Sample
230721-g6mntada4s
-
MD5
ba04aac6f4c36a1593fa81ca60722454
-
SHA1
0ccd54e2ba3088ce59180a21eb7682f479572550
-
SHA256
55de849673b3d780491bb00996943f1914de77692b1218e798821fe8c22ea55c
-
SHA512
7ba50edd4530a9820da132d988f8934b096c33f2ace3e5aa0ec8595041f71aca676e354662840238d66496b3b7b01ba377444ccc3564589b6ffd32d587705be9
-
SSDEEP
49152:G8XR54rGnugTn7g+Zp5Ybl3Qgx8Abu1sG9lmx2bcrMrvHEP31Un:G8Xr4wTnE+Z0l7i1XpwrMDktU
Static task
static1
Behavioral task
behavioral1
Sample
Scan_Doc.xll
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
Scan_Doc.xll
Resource
win10v2004-20230703-en
Malware Config
Extracted
Targets
-
-
Target
Scan_Doc.xll
-
ParallaxRat payload
Detects payload of Parallax Rat, a small portable Rat usually digitally signed with a Sectigo certificate.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-