General
Target: phantomm.exe
Size: 530KB
Sample: 210415-nkq9aylc1a
MD5: b1c3e5d3e9e68b69e982d4e04eee6d15
SHA1: 0af0726ba9a6b7f36da1520f01684fb87b263910
SHA256: dffcb738108f42f0156363e07bbf21004e17faa3cbb5021bca9a175d69e859e0
SHA512: 7c30c9fc34031fee3d0ec809d1208f93447e702168f1874b130e917e9e61172f68fbd4d6d28c120462b8294d78738ccadf0d04dcc71d4dd145397ea8250cfc44
Static task: static1
Behavioral task: behavioral1
Sample: phantomm.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: phantomm.exe
Resource: win10v20210408
Malware Config
Extracted
raccoon
16992cd33145ccbb6feeacb4e84400a56448fa14
-
url4cnc
https://telete.in/baudemars
Targets
-
-
Target
phantomm.exe
-
Deletes itself
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-