phoenix | 2e985b0c83bbdd94ea5cb2b5233bacbebcb990ccd5f0dde29228ff5aaf8d35fa | Triage

Submit
Reports

Overview

overview

Static

static

5

2e985b0c83...fa.exe

windows7_x64

2e985b0c83...fa.exe

windows10-2004_x64

6

Sharing

General

Target

2e985b0c83bbdd94ea5cb2b5233bacbebcb990ccd5f0dde29228ff5aaf8d35fa
Size

1.1MB
Sample

220622-jpf6taahek
MD5

4af0e440292dbccf2ee7fc82b2524937
SHA1

f4f14fa34573b310a7341b1cc6993c506abfe5d0
SHA256

2e985b0c83bbdd94ea5cb2b5233bacbebcb990ccd5f0dde29228ff5aaf8d35fa
SHA512

e4bae673a41e431c5cf62010bd447cb11368d387f3d7dae4975d3973c07fa6b945e784d2e504cad6a7f2d1e233ccba0d65028e27f0f23888c09078180b83c580

Score

10^/10

phoenix collection keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

2e985b0c83bbdd94ea5cb2b5233bacbebcb990ccd5f0dde29228ff5aaf8d35fa.exe

Resource

win7-20220414-en

phoenix collection keylogger stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2e985b0c83bbdd94ea5cb2b5233bacbebcb990ccd5f0dde29228ff5aaf8d35fa.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  2e985b0c83bbdd94ea5cb2b5233bacbebcb990ccd5f0dde29228ff5aaf8d35fa
- Size
  
  1.1MB
- MD5
  
  4af0e440292dbccf2ee7fc82b2524937
- SHA1
  
  f4f14fa34573b310a7341b1cc6993c506abfe5d0
- SHA256
  
  2e985b0c83bbdd94ea5cb2b5233bacbebcb990ccd5f0dde29228ff5aaf8d35fa
- SHA512
  
  e4bae673a41e431c5cf62010bd447cb11368d387f3d7dae4975d3973c07fa6b945e784d2e504cad6a7f2d1e233ccba0d65028e27f0f23888c09078180b83c580
Score

10^/10

phoenix collection keylogger stealer
- Phoenix Keylogger
  Phoenix is a keylogger and info stealer first seen in July 2019.
  stealer keylogger phoenix
- Phoenix Keylogger Payload
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

phoenixcollectionkeyloggerstealer

behavioral2

© 2018-2024

Terms | Privacy