Overview

overview

10

Static

static

2su0b91u.exe

windows7_x64

2su0b91u.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2su0b91u.exe

  • Size

    4.9MB

  • Sample

    220510-r21d8ahcc7

  • MD5

    b0e15f0280f46a9756f9da56faa1a638

  • SHA1

    17c6f70b85f3b6e098774f2c680d563ed79d4656

  • SHA256

    f3afc877ab527a6fac21360eadc1da5c9401740323d2ddef5e3bc40bcef70525

  • SHA512

    361e58606daf9e5ff030a28b0c19d16fa79e13ffe8dd4b34a937efb0234c86c1d5fec8aed3a9b8b082ff5f87503a724af9b24dedde39fdf9928b8ff72d2532a7

Score
10/10
phoenixstealerstealersuricata

Malware Config

Targets

    • Target

      2su0b91u.exe

    • Size

      4.9MB

    • MD5

      b0e15f0280f46a9756f9da56faa1a638

    • SHA1

      17c6f70b85f3b6e098774f2c680d563ed79d4656

    • SHA256

      f3afc877ab527a6fac21360eadc1da5c9401740323d2ddef5e3bc40bcef70525

    • SHA512

      361e58606daf9e5ff030a28b0c19d16fa79e13ffe8dd4b34a937efb0234c86c1d5fec8aed3a9b8b082ff5f87503a724af9b24dedde39fdf9928b8ff72d2532a7

    Score
    10/10
    phoenixstealerstealersuricata

    • PhoenixStealer

      PhoenixStealer is an information stealer written in the C++, it sends the stolen information to cybercriminals.

      stealerphoenixstealer

    • suricata: ET MALWARE Win32/HunterStealer/AlfonsoStealer/PhoenixStealer CnC Exfil

      suricata: ET MALWARE Win32/HunterStealer/AlfonsoStealer/PhoenixStealer CnC Exfil

      suricata

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks