General
-
Target
b65cdaaf688423fb0d3b02e18dfa814ebc6bc2e4637e8a40f9c64c802b7f219f
-
Size
368KB
-
Sample
220725-fatltafbhn
-
MD5
4edd5e53432ee2fde30e94e4887dec54
-
SHA1
6bb5c8be14d8da80f0f96c99fa2df3bb7124c965
-
SHA256
b65cdaaf688423fb0d3b02e18dfa814ebc6bc2e4637e8a40f9c64c802b7f219f
-
SHA512
28723099729b415b3af80922d7983fa07ba7bad88276d35ac9a481aed0e77f435bebb8460c6a8948068577ebda2d692e0622a2f9f181ded29475cb68e5d45eaa
Static task
static1
Behavioral task
behavioral1
Sample
b65cdaaf688423fb0d3b02e18dfa814ebc6bc2e4637e8a40f9c64c802b7f219f.exe
Resource
win7-20220718-en
Malware Config
Extracted
phorphiex
http://185.176.27.132/
Targets
-
Phorphiex payload
-
suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-