General

  • Target

    0x0004000000004ed7-39

  • Size

    894KB

  • Sample

    230901-wtwtaagh27

  • MD5

    15f6043283bca82a89fe8bfe9437d95f

  • SHA1

    e095820f8ef5a81e6cd6d8769d10196fb95a815f

  • SHA256

    05a4408dde667582f0c04b49264be872c5502499814530d3e1880fc403e09a9e

  • SHA512

    dc1587897e8e0dc73bf422a2edf5c50b351b2480b84cac419fe70b5af4a2ac42b5a2d4761af24da3366675c5cc39fe3173694c1b0a6f516fd6d4b3537634666e

  • SSDEEP

    24576:D0VOCg6fsQsenEYTHKRCXT4QmeL3eGdYTz47btorrG:E/trTq0X3/Om

Score
10/10

Malware Config

Targets

    • ParallaxRat

      ParallaxRat is a multipurpose RAT written in MASM.

    • ParallaxRat payload

      Detects payload of Parallax Rat, a small portable Rat usually digitally signed with a Sectigo certificate.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks
