phoenixstealer | db6b5ff99f5037cf2f4968560a4e4bfdc977782aa731eb0566e819e8a8a67b9a | Triage

Submit
Reports

Overview

overview

Static

static

db6b5ff99f...in.exe

windows7_x64

db6b5ff99f...in.exe

windows10_x64

Analysis

max time kernel
120s
max time network
120s
platform
windows7_x64
resource
win7-en-20211014
submitted
01-11-2021 13:16

Sharing

Static task

static1

stealer phoenixstealer

Behavioral task

behavioral1

Sample

db6b5ff99f5037cf2f4968560a4e4bfdc977782aa731eb0566e819e8a8a67b9a.bin.exe

Resource

win7-en-20211014

phoenixstealer stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

db6b5ff99f5037cf2f4968560a4e4bfdc977782aa731eb0566e819e8a8a67b9a.bin.exe

Resource

win10-en-20210920

phoenixstealer stealer

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

db6b5ff99f5037cf2f4968560a4e4bfdc977782aa731eb0566e819e8a8a67b9a.bin.exe
Size

546KB
MD5

50df2444be84fc401e187c4c9be24805
SHA1

7eaca5e269effc83aa4c6bf5a6ec335797b343b0
SHA256

db6b5ff99f5037cf2f4968560a4e4bfdc977782aa731eb0566e819e8a8a67b9a
SHA512

d9a3b65b68a2c65ef3b4b68ac55fda7051443f44ebbbfab45c6a537a54ee3c36d51039f38ac7052640f63986b12a584403d38f999b0251338a06c1018f6b75d9

Score

10^/10

phoenixstealer stealer

Malware Config

Signatures

PhoenixStealer
PhoenixStealer is an information stealer written in the C++, it sends the stolen information to cybercriminals.
stealer phoenixstealer

Processes

C:\Users\Admin\AppData\Local\Temp\db6b5ff99f5037cf2f4968560a4e4bfdc977782aa731eb0566e819e8a8a67b9a.bin.exe
"C:\Users\Admin\AppData\Local\Temp\db6b5ff99f5037cf2f4968560a4e4bfdc977782aa731eb0566e819e8a8a67b9a.bin.exe"
1⤵
PID:676

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/676-55-0x0000000075321000-0x0000000075323000-memory.dmp

Filesize
8KB

Download

© 2018-2024

Terms | Privacy