General

  • Target

    66cb84b7b5d9470bb4c6b491b5911c971aa7cca6fe03573868212a9b117a48be

  • Size

    33KB

  • Sample

    210104-lf3r8dw8sj

  • MD5

    27c9477f14015cf13c9a0ad87e0f3e9d

  • SHA1

    40cd3667f8f5b2f97e193c3292fa5d975256d4c2

  • SHA256

    66cb84b7b5d9470bb4c6b491b5911c971aa7cca6fe03573868212a9b117a48be

  • SHA512

    f2047d116e39309c9f72e96981468f6264f76d1e33c7f1db757773684f503740dc763d8d68f24dbed4a1dfb43a04103b6ef79fc9549641f9a70f27deb17b6922

Targets

    • Phorphiex Payload

    • Phorphiex Worm

      Malware family which infects systems to distribute other malicious payloads such as ransomware, stealers and cryptominers.

    • Windows security bypass

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
