General

  • Target

    725b94d66ecd5e1238401746bc89b063f4ffa5767995119d7bc23ab2ed827c03

  • Size

    2.3MB

  • Sample

    231010-y6jetsbb62

  • MD5

    e9f6a165d0e416dc8b7bd49465a3fa5c

  • SHA1

    d06732939d2084d6db38d820079e840e00a6b4e6

  • SHA256

    725b94d66ecd5e1238401746bc89b063f4ffa5767995119d7bc23ab2ed827c03

  • SHA512

    8baa456ed97889252493663db848ea65f2cf956c81cf69096bfb0c2e76526afda0b73920e2794ad541f9f44773e4a339874b91f59a5dfc34eaa9bd2d1c7b93dd

  • SSDEEP

    49152:8q3QscuJsVPCYc80pixEXY2QpvH8naf9Gion08x2sChdI:80nJsVPBcexz2QpvHqu9GioJ2sChdI

Malware Config

Targets

    • ParallaxRat

      ParallaxRat is a multipurpose RAT written in MASM.

    • ParallaxRat payload

      Detects the payload of Parallax RAT, a small portable RAT usually digitally signed with a Sectigo certificate.

    • Drops startup file

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v15

Tasks