General
-
Target
6c163bee10e7a3b0c3ca2174f9875841fe26815c52d63cdfc4553ef422493d98
-
Size
83KB
-
Sample
220731-h7cqnsecf6
-
MD5
0fe981884efec833e285d6911e6edde9
-
SHA1
1a8915fe8ef43cf6896406c48224f454b0af34c3
-
SHA256
6c163bee10e7a3b0c3ca2174f9875841fe26815c52d63cdfc4553ef422493d98
-
SHA512
94a60a5fe8f5b6fae4c9d3909aef708fee9dfefd3bc443831e7eee63ba242e9a7d2a7406c8d9cb5ac80c04f6b783fe0246fdd9771bd03826e4a84b1e9ba71ef6
Malware Config
Targets
-
-
Target
6c163bee10e7a3b0c3ca2174f9875841fe26815c52d63cdfc4553ef422493d98
-
Size
83KB
-
MD5
0fe981884efec833e285d6911e6edde9
-
SHA1
1a8915fe8ef43cf6896406c48224f454b0af34c3
-
SHA256
6c163bee10e7a3b0c3ca2174f9875841fe26815c52d63cdfc4553ef422493d98
-
SHA512
94a60a5fe8f5b6fae4c9d3909aef708fee9dfefd3bc443831e7eee63ba242e9a7d2a7406c8d9cb5ac80c04f6b783fe0246fdd9771bd03826e4a84b1e9ba71ef6
Score10/10-
Phoenix Keylogger
Phoenix is a keylogger and info stealer first seen in July 2019.
-
Phoenix Keylogger payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-