Overview

overview

10

Static

static

1

e1104876eb...18.exe

windows7-x64

10

e1104876eb...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e1104876ebb32f85d47d8b477eea655b_JaffaCakes118

  • Size

    5.2MB

  • Sample

    240914-z74ylaxcqa

  • MD5

    e1104876ebb32f85d47d8b477eea655b

  • SHA1

    021341b0025363363982cd57afe27451eb9774e3

  • SHA256

    6f8fc539952555b057adf7810aca782a29f8f624e1d46a0f4732db3763130725

  • SHA512

    73601b1f7b165b03ecb1512c56fbbdc9600153d950ac668a937650ac0e65ab8bd03a4112c61b35b28909e0196ab415e0972eca8cbb456f7f07b62109242635aa

  • SSDEEP

    49152:EMCjldY2S7LVEl0myvU9WrPC+X8zybKjS5fyu9KkmqEj/wf779WkXHqXWXP:AjqSV7WrPC08uPKkSwf7DHqXWf

Score
10/10
parallaxdiscoveryrat

Malware Config

Targets

    • Target

      e1104876ebb32f85d47d8b477eea655b_JaffaCakes118

    • Size

      5.2MB

    • MD5

      e1104876ebb32f85d47d8b477eea655b

    • SHA1

      021341b0025363363982cd57afe27451eb9774e3

    • SHA256

      6f8fc539952555b057adf7810aca782a29f8f624e1d46a0f4732db3763130725

    • SHA512

      73601b1f7b165b03ecb1512c56fbbdc9600153d950ac668a937650ac0e65ab8bd03a4112c61b35b28909e0196ab415e0972eca8cbb456f7f07b62109242635aa

    • SSDEEP

      49152:EMCjldY2S7LVEl0myvU9WrPC+X8zybKjS5fyu9KkmqEj/wf779WkXHqXWXP:AjqSV7WrPC08uPKkSwf7DHqXWf

    Score
    10/10
    parallaxdiscoveryrat

    • ParallaxRat

      ParallaxRat is a multipurpose RAT written in MASM.

      ratparallax

    • ParallaxRat payload

      Detects payload of Parallax Rat, a small portable Rat usually digitally signed with a Sectigo certificate.

    • Blocklisted process makes network request

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks