General
Target: Inv_Scan.xll
Size: 2.5MB
Sample: 230721-g6mzkscc79
MD5: 28223a48365919fe673c3b77e9e1c9a1
SHA1: 70ecae9573833bb7fd848888d93a384e70ba86d2
SHA256: 27b642f76bef353065bb7643f082547b8df2817e1403646ec231744a36f1e292
SHA512: 8511b778a8c8af105af06f1929e3f92eaf8dc9fedff6aef2a21bbccaa6ca3e44133b5aaca2d7f67ef8981c602c844bd045d0bf1a4fd3f0ba42d241848b0df005
SSDEEP: 49152:7hXR54rGnugTn7g+Zp5Ybl3Qgx8Abu1sG9lmx2bcrMrvHEP31U:7hXr4wTnE+Z0l7i1XpwrMDktU
Static task: static1
Behavioral task: behavioral1
Sample: Inv_Scan.xll
Resource: win7-20230712-en
Malware Config
Extracted
Targets
ParallaxRat payload
Detects the payload of Parallax RAT, a small portable RAT usually digitally signed with a Sectigo certificate.
Drops startup file
Executes dropped EXE
Loads dropped DLL