General
Target: d9edee0541b9a5baf2cb2b1915aef1d034efd4edd4b3c030b508669da1e2aaf2
Size: 418KB
Sample: 220625-ja18fabbgp
MD5: 36a8bf060f86867226c4268b41965e48
SHA1: 39aaf27ac2f3d346a181dc74fa4555da429580fe
SHA256: d9edee0541b9a5baf2cb2b1915aef1d034efd4edd4b3c030b508669da1e2aaf2
SHA512: ac39821cf66124393f9dcf42c0501f5c6a20ebd9cc6b5034ecf13f30e13ca8900efc738aa5d060545da8969dec5c46f7105d01ff27f4836e787268925b83bb47
Static task: static1
Behavioral task: behavioral1
Sample: d9edee0541b9a5baf2cb2b1915aef1d034efd4edd4b3c030b508669da1e2aaf2.exe
Resource: win7-20220414-en
Malware Config
Extracted
phorphiex
http://185.176.27.132/
Targets
Target
d9edee0541b9a5baf2cb2b1915aef1d034efd4edd4b3c030b508669da1e2aaf2
-
Phorphiex payload
-
suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-