phorphiex | 5a651b2be779e145cde1ec5859f66a540c80e06af4504108fb8ed36396e463f9 | Triage

Submit
Reports

Overview

overview

Static

static

25f867b806...2e.exe

windows7_x64

25f867b806...2e.exe

windows10_x64

Sharing

General

Target

5788658835423232.zip
Size

201KB
Sample

210512-gtj7297qh6
MD5

228e499c5d42b6b41dc123a27de6d9e9
SHA1

dc26900de4c5c740fa29140b096a053ae2cc3899
SHA256

5a651b2be779e145cde1ec5859f66a540c80e06af4504108fb8ed36396e463f9
SHA512

c79c8521f6ffc183d7022f6bde94659302969b2d19c1f450b207dbd89a635fcd6d0ca4a14847eae55809bf49cfd9d9c2e96e90df7664556ccee80b2d53c16691

Score

10^/10

phorphiex evasion loader persistence trojan worm

Static task

static1

Behavioral task

behavioral1

Sample

25f867b8065165d7876adb29673ac78be2a731ae82b9ea57eb54ba6479bc642e.exe

Resource

win7v20210410

phorphiex evasion loader persistence trojan worm

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

25f867b8065165d7876adb29673ac78be2a731ae82b9ea57eb54ba6479bc642e.exe

Resource

win10v20210410

phorphiex evasion loader persistence trojan worm

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  25f867b8065165d7876adb29673ac78be2a731ae82b9ea57eb54ba6479bc642e
- Size
  
  818KB
- MD5
  
  dd1aa660f2f24368dd58c5ce7a709b6c
- SHA1
  
  a54d435a04d3e883b1773d1c8d439dc95628fa07
- SHA256
  
  25f867b8065165d7876adb29673ac78be2a731ae82b9ea57eb54ba6479bc642e
- SHA512
  
  a86738a5fd7915f3fbd9ddc8b5c3e01a936074749b7e8d14ceb91defef6657b5e5c1fc76fc6461b86424add2099c14b90c88b7b84de53928404562f2148b16b5
Score

10^/10

phorphiex evasion loader persistence trojan worm
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Phorphiex Payload
- Phorphiex Worm
  Malware family which infects systems to distribute other malicious payloads such as ransomware, stealers and cryptominers.
  worm trojan loader phorphiex
- Windows security bypass
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Disabling Security Tools

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

phorphiexevasionloaderpersistencetrojanworm

behavioral2

phorphiexevasionloaderpersistencetrojanworm

© 2018-2024

Terms | Privacy