parallax | eaf13f18a618c5549e6e7bb31f5266696a479629eb4071a6c5e0a53875a6f23a | Triage

Submit
Reports

Overview

overview

Static

static

3

1f28f2fc01...19.exe

windows7-x64

1f28f2fc01...19.exe

windows10-2004-x64

Sharing

General

Target

1f28f2fc01466d9ffe441c4298c7f619
Size

197KB
Sample

231230-2w7w8aacc7
MD5

1f28f2fc01466d9ffe441c4298c7f619
SHA1

fb442db1800bc37869301d88f17c87721851faa9
SHA256

eaf13f18a618c5549e6e7bb31f5266696a479629eb4071a6c5e0a53875a6f23a
SHA512

7e9614ee134c2840c0c5281f823afee873940ce2c6dd6c28205c635a5af5200ed9e6fa4572c2975751e213c519ea16416776b943b3538ebf835bd1ee7e2c27bb
SSDEEP

6144:kDJO1gSkiLDQ7yfVhjTUDLjdPs4MDFR7r2ckixuCkUdXi:Cu47+5UvZq9yOXS

Score

10^/10

parallax persistence rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1f28f2fc01466d9ffe441c4298c7f619.exe

Resource

win7-20231215-en

parallax persistence rat

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

1f28f2fc01466d9ffe441c4298c7f619.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  1f28f2fc01466d9ffe441c4298c7f619
- Size
  
  197KB
- MD5
  
  1f28f2fc01466d9ffe441c4298c7f619
- SHA1
  
  fb442db1800bc37869301d88f17c87721851faa9
- SHA256
  
  eaf13f18a618c5549e6e7bb31f5266696a479629eb4071a6c5e0a53875a6f23a
- SHA512
  
  7e9614ee134c2840c0c5281f823afee873940ce2c6dd6c28205c635a5af5200ed9e6fa4572c2975751e213c519ea16416776b943b3538ebf835bd1ee7e2c27bb
- SSDEEP
  
  6144:kDJO1gSkiLDQ7yfVhjTUDLjdPs4MDFR7r2ckixuCkUdXi:Cu47+5UvZq9yOXS
Score

10^/10

parallax persistence rat
- Modifies WinLogon for persistence
  persistence
- ParallaxRat
  ParallaxRat is a multipurpose RAT written in MASM.
  rat parallax
- ParallaxRat payload
  Detects payload of Parallax Rat, a small portable Rat usually digitally signed with a Sectigo certificate.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

parallaxpersistencerat

behavioral2

© 2018-2025

Terms | Privacy