General
-
Target
PhantomBinder-main.rar
-
Size
1.7MB
-
Sample
220920-zwdx2aech6
-
MD5
ffbabf46f2ef7b3d0a894148c2644124
-
SHA1
5aa304d16c38b05428f01214feb913c92eb5d743
-
SHA256
c18a8fbb2ee9b773aa51b3bf0d725e854252a549e9561d6ba348a7449e411c6d
-
SHA512
5dc9a9351f77ae7506945640adcf07a72b3463b956b939a9a9a9024f3bb7457a03dbc482b36195f64d7fe60a02562d03a7d4a45877bf64d837b8a3bf9d4bf06d
-
SSDEEP
49152:kJmEdV549i7b/ZSv0bRlsyXGbjlX2D5pT+LB7kbi:k8EH5494b8v0bRCyWbSpTK7L
Behavioral task
behavioral1
Sample
PhantomBinder-main/$PhantomBinder/Guna.UI2.dll
Resource
win10v2004-20220812-en
Behavioral task
behavioral2
Sample
PhantomBinder-main/$PhantomBinder/PhantomBinder.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
PhantomBinder-main/$PhantomBinder/Guna.UI2.dll
-
Size
1.9MB
-
MD5
0f07705bd42d86d77dab085c42775244
-
SHA1
7e4b5c367183f4753a8d610e353c458c3def3888
-
SHA256
cf9b66e11506fa431849350c0cb58430a71e5ec943d2db9ef1b2e2302f299443
-
SHA512
851b1a4c470ee7fe07ce5619c16fd391428585926c5b559694a9e445633ea51ec86c74a3bbf3bce39d943c4bf714dad2fd3c4a4d0703be2333541c79a2ee97f0
-
SSDEEP
24576:m8Yq6KN2liAVp0j4DuJPbTzcH7DlktjfEzgKxGgcKM8Q3xajfgY236RYgPNsP:drCqfE0KctKM8Qv6RYgPY
Score1/10 -
-
-
Target
PhantomBinder-main/$PhantomBinder/PhantomBinder.exe
-
Size
1.0MB
-
MD5
bd2267854885b36b1b07d9e3e664b7dc
-
SHA1
dc171d040e9eb672dc0a543742a2fb5347c46932
-
SHA256
0550d2794a79cede9894bf362683127515e5e3fd5b9a188957e47a0dbd74170c
-
SHA512
5052cb3687d500518d5f1b04e877225de9749466a0216b22d510db37bde9ba9d6dde390818b5945111f59d3a6c6ddbf795047b7b20defb609a7ec1900fb914a6
-
SSDEEP
24576:Ak70TrctRILUqcVN6WRwY0DcZccB/kOMt009yoipwCDtpn:AkQTAD4UqcVsWTGYc+Mr0Fo8wCJpn
Score7/10-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-