phoenix | 24b606e90fbdf9736179471badae4d3943bbe17e7e5c8015e96b3dd69f54827e | Triage

Submit
Reports

Overview

overview

Static

static

5

24b606e90f...7e.exe

windows7_x64

24b606e90f...7e.exe

windows10-2004_x64

6

Sharing

General

Target

24b606e90fbdf9736179471badae4d3943bbe17e7e5c8015e96b3dd69f54827e
Size

1.1MB
Sample

220611-z9xmasdcg6
MD5

eb1592d5d1022087851724734ff8d258
SHA1

75a2db62fdbb50ef2faf0b81345269626e49dc3c
SHA256

24b606e90fbdf9736179471badae4d3943bbe17e7e5c8015e96b3dd69f54827e
SHA512

64b7f6f8c949cd4d510c85abc4a6251133eb823544791de26423a9132caa89b7c3582728f55e7d0b487fe3315abce7b9322a00788206ab36c0a7915ccccb5319

Score

10^/10

phoenix collection keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

24b606e90fbdf9736179471badae4d3943bbe17e7e5c8015e96b3dd69f54827e.exe

Resource

win7-20220414-en

phoenix collection keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

24b606e90fbdf9736179471badae4d3943bbe17e7e5c8015e96b3dd69f54827e.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  24b606e90fbdf9736179471badae4d3943bbe17e7e5c8015e96b3dd69f54827e
- Size
  
  1.1MB
- MD5
  
  eb1592d5d1022087851724734ff8d258
- SHA1
  
  75a2db62fdbb50ef2faf0b81345269626e49dc3c
- SHA256
  
  24b606e90fbdf9736179471badae4d3943bbe17e7e5c8015e96b3dd69f54827e
- SHA512
  
  64b7f6f8c949cd4d510c85abc4a6251133eb823544791de26423a9132caa89b7c3582728f55e7d0b487fe3315abce7b9322a00788206ab36c0a7915ccccb5319
Score

10^/10

phoenix collection keylogger stealer
- Phoenix Keylogger
  Phoenix is a keylogger and info stealer first seen in July 2019.
  stealer keylogger phoenix
- Phoenix Keylogger Payload
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

phoenixcollectionkeyloggerstealer

behavioral2

© 2018-2025

Terms | Privacy