Overview

overview

10

Static

static

7018f234af...fb.exe

windows7_x64

10

7018f234af...fb.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    91s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-en-20220112
  • submitted
    03-03-2022 09:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7018f234af8bad22087be6e90ddeeafb.exe

  • Size

    545KB

  • MD5

    7018f234af8bad22087be6e90ddeeafb

  • SHA1

    a789b31320677d57b52f9ed56aecf144dc89f12a

  • SHA256

    7a76c39cebc89415a125d7773796ac539e0fc0f36a4663ec0ec75fec0d46bb7c

  • SHA512

    4fef532d31d2447953d4984b2079974da7fe12277738dbb59f09d6584c8aacf803a6015555c08c1e7d673c8c2834103f8dbd1340fc38693fb48b8487a8e723f6

Score
10/10
phoenixstealerstealer

Malware Config

Signatures

  • PhoenixStealer

    PhoenixStealer is an information stealer written in the C++, it sends the stolen information to cybercriminals.

    stealerphoenixstealer
  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

Processes

  • C:\Users\Admin\AppData\Local\Temp\7018f234af8bad22087be6e90ddeeafb.exe
    "C:\Users\Admin\AppData\Local\Temp\7018f234af8bad22087be6e90ddeeafb.exe"
    1⤵
      PID:3104
    • C:\Windows\system32\MusNotifyIcon.exe
      %systemroot%\system32\MusNotifyIcon.exe NotifyTrayIcon 0
      1⤵
      • Checks processor information in registry
      PID:1116

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads