Overview

overview

10

Static

static

0a052eff71...84.exe

windows7_x64

10

0a052eff71...84.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0a052eff71641ff91897af5bdecb4a98ed3cb32bcb6ff86c4396b1e3ceee0184

  • Size

    949KB

  • Sample

    210511-pp3lhyqdfs

  • MD5

    1daca30b2b6c0ef60e02df04e656e990

  • SHA1

    c1f6f1e1a27e7be32a3f18440c05951fa7e52eb9

  • SHA256

    0a052eff71641ff91897af5bdecb4a98ed3cb32bcb6ff86c4396b1e3ceee0184

  • SHA512

    7f547f46e21ffe3c764050b081621c5df5046be118eb2765e546ce3fa3c3ed7541dbe0dc4deca85c682a1122d78a528614eac6c6684adcfae5e2f215f3651b52

Score
10/10
phorphiexevasionloaderpersistencetrojanworm

Malware Config

Targets

    • Target

      0a052eff71641ff91897af5bdecb4a98ed3cb32bcb6ff86c4396b1e3ceee0184

    • Size

      949KB

    • MD5

      1daca30b2b6c0ef60e02df04e656e990

    • SHA1

      c1f6f1e1a27e7be32a3f18440c05951fa7e52eb9

    • SHA256

      0a052eff71641ff91897af5bdecb4a98ed3cb32bcb6ff86c4396b1e3ceee0184

    • SHA512

      7f547f46e21ffe3c764050b081621c5df5046be118eb2765e546ce3fa3c3ed7541dbe0dc4deca85c682a1122d78a528614eac6c6684adcfae5e2f215f3651b52

    Score
    10/10
    phorphiexevasionloaderpersistencetrojanworm

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Phorphiex Payload

    • Phorphiex Worm

      Malware family which infects systems to distribute other malicious payloads such as ransomware, stealers and cryptominers.

      wormtrojanloaderphorphiex

    • Windows security bypass

      evasiontrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks