Overview

overview

10

Static

static

1

NEAS.110e1...JC.exe

windows7-x64

10

NEAS.110e1...JC.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.110e151e2f3c73e3446b514239d3f870_JC.exe

  • Size

    201KB

  • Sample

    231014-pzxt7seb71

  • MD5

    110e151e2f3c73e3446b514239d3f870

  • SHA1

    081538124532e6fa5e1850ff981974dd572486a1

  • SHA256

    2258485a001275cbcd9a02295be7876f036c6ae2df923ed5c00c3f07e32eb06a

  • SHA512

    505a3554cd18d66f01c472479bc267c9e3b9d031109df88476aefe9829361d6ad4cb681346c79eb113328faa0b2589376b5903a5ea30387af4b1f2e08baec15c

  • SSDEEP

    6144:Hza2Nj+MLxwkcWTq/81DDiSTz9nqEja3TXU0xtFl:HqEjk7l7Fl

Score
10/10
parallaxpersistenceratupx

Malware Config

Targets

    • Target

      NEAS.110e151e2f3c73e3446b514239d3f870_JC.exe

    • Size

      201KB

    • MD5

      110e151e2f3c73e3446b514239d3f870

    • SHA1

      081538124532e6fa5e1850ff981974dd572486a1

    • SHA256

      2258485a001275cbcd9a02295be7876f036c6ae2df923ed5c00c3f07e32eb06a

    • SHA512

      505a3554cd18d66f01c472479bc267c9e3b9d031109df88476aefe9829361d6ad4cb681346c79eb113328faa0b2589376b5903a5ea30387af4b1f2e08baec15c

    • SSDEEP

      6144:Hza2Nj+MLxwkcWTq/81DDiSTz9nqEja3TXU0xtFl:HqEjk7l7Fl

    Score
    10/10
    parallaxpersistenceratupx

    • ParallaxRat

      ParallaxRat is a multipurpose RAT written in MASM.

      ratparallax

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks