General

  • Target

    f4c71bb6e0a66271e2341c1b75468babee40a3fd382165b95dcf6ed47158a9dc_unpacked

  • Size

    46KB

  • Sample

    221027-fgkx9aagd5

  • MD5

    41a01146794b659a495ba72e5e000fd9

  • SHA1

    f9339bdba236f23b5fd80f5f8b857c85ace6e9f7

  • SHA256

    120b39312b1b3b47fef7aa11f655e9e73ea2c00e09a035e4229bf535caa9f50c

  • SHA512

    a279c85b24af1992f01dff8a191dd7e350b6d33a4b9712f68ca314e7beaa935276ebc46d5857ce7dc1483df36281e17d6417080f644229335cd5d6f5b0cdc26a

  • SSDEEP

    768:umULbLyP1PMO3TV/V2OwdVgoJ4z6/3Ywp2JcGU7Uz3Lgs:LU3WP153h/V2OsG2J/39AT3Lp

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Phorphiex

      Malware family which infects systems to distribute other malicious payloads such as ransomware, stealers and cryptominers.

    • Phorphiex payload

    • Windows security bypass

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6
