General

  • Target

    SecuriteInfo.com.BackDoor.Rat.457.10085.3095.exe

  • Size

    2.3MB

  • Sample

    231010-3st2mabb29

  • MD5

    e9f6a165d0e416dc8b7bd49465a3fa5c

  • SHA1

    d06732939d2084d6db38d820079e840e00a6b4e6

  • SHA256

    725b94d66ecd5e1238401746bc89b063f4ffa5767995119d7bc23ab2ed827c03

  • SHA512

    8baa456ed97889252493663db848ea65f2cf956c81cf69096bfb0c2e76526afda0b73920e2794ad541f9f44773e4a339874b91f59a5dfc34eaa9bd2d1c7b93dd

  • SSDEEP

    49152:8q3QscuJsVPCYc80pixEXY2QpvH8naf9Gion08x2sChdI:80nJsVPBcexz2QpvHqu9GioJ2sChdI

Score
10/10

Targets

    • Target

      SecuriteInfo.com.BackDoor.Rat.457.10085.3095.exe

    • ParallaxRat

      ParallaxRat is a multipurpose RAT written in MASM.

    • ParallaxRat payload

      Detects the payload of Parallax RAT, a small portable RAT usually digitally signed with a Sectigo certificate.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Drops startup file
