99c7a68f32f9da9c8d7fa5e51ae4ff06bce8abc966e1b19543fab4f2b6a86587

Sharing

Copy URL

Twitter E-mail

General

Target

Phoenix.zip
Size

8.2MB
Sample

230129-3hse2shd73
MD5

c88d3a7be06ef91ade6ddcb44924a71e
SHA1

4be2edcffb6209d42871b87fd50229f4c1988424
SHA256

99c7a68f32f9da9c8d7fa5e51ae4ff06bce8abc966e1b19543fab4f2b6a86587
SHA512

3fd729d8fb84feddc6e4579f2d6635ce17e1676ba94f4322e880c2d165f2e29e6ccfca76a0cdfa32ba7690aafa87326e007e28d6d553ccca4ee8a98865234afa
SSDEEP

196608:wI+lfJV8/rgwjQl5udfbk+ZRAPcKhVbfaMYMuUr+a1KDqGNQlb+M:XME/rgwjQl8bZZRAPcKhlfaPUr+3Wp

Score

8^/10

Malware Config

Targets

- Target
  
  Phoenix/AngleSharp.dll
- Size
  
  861KB
- MD5
  
  ba231be096738680abadcb0504361b6e
- SHA1
  
  7eb1609f8643d1964ec252f897c05a10345b7d85
- SHA256
  
  78e304f09e0af840441733b89bb3c268109fa1c4200085a7c1edb097b6723d7a
- SHA512
  
  3a662033bbd0688cd76da84970d988c6932912a7cbac7f6ed1b26e32f480e9ac4866609764334a610c3b8b52de4d52c557e23d3ea111f154ff41e426d14923cc
- SSDEEP
  
  6144:JnFGmSD2smAF5DvLpN15eNcWx0x1DOlzWrBmXgis5zEJ0rlz6zoMJsJG/YLfjrkS:J8XlrNHwqd6aD26o2GckUMIC5Yq6ku
Score

1^/10
behavioral1
- Target
  
  Phoenix/Colorful.Console.dll
- Size
  
  88KB
- MD5
  
  89fab48df74cab3bb13ce012a1d3021c
- SHA1
  
  9e26dc19e7126be8fa150e2798e3be14c059afbb
- SHA256
  
  b8f2f0e9263129742e11bbaf56e0f082499a68d5113959b6a857ed51aa8a2570
- SHA512
  
  14a778f15a7e2bfa178aa73c6c8776b7812116915318ae6202250f66faacf276e514c97628d104ae687efe9dcbb14a0ac48b2658fc1218bd2448cee473132c52
- SSDEEP
  
  1536:1yQJm5aA5hedAW4B2nBKc6dQ/lawQ/ddbrL:1ccA5QdO2B9Wsl/Q/PL
Score

1^/10
behavioral2
- Target
  
  Phoenix/ICSharpCode.SharpZipLib.dll
- Size
  
  243KB
- MD5
  
  4fe179ef90fa134b8e564ab7ff9bd903
- SHA1
  
  350090780710aa3448e2bd3b814eedefcc6026a5
- SHA256
  
  d35291416c0b7dec5232486b26406f4d02da190ca8237b53542d20f24135eac7
- SHA512
  
  321092782a5ddc78b3cd1b5395ae8818e0cfab762b48f0fcd9bde4b1ab9c40b374d3a910efe67e6fead3b7aecf378055c7feb97e3c8198f83a13bd6612a23411
- SSDEEP
  
  6144:6Po8JC1HXfrusPX/qQCSdAFRLtaMimzXo0f:69C13fr1v/qO6yiXo
Score

1^/10
behavioral3
- Target
  
  Phoenix/Newtonsoft.Json.dll
- Size
  
  679KB
- MD5
  
  916d32b899f1bc23b209648d007b99fd
- SHA1
  
  e3673d05d46f29e68241d4536bddf18cdd0a913d
- SHA256
  
  72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661
- SHA512
  
  60bd2693daa42637f8ae6d6460c3013c87f46f28e9b0dbf9d7f6764703b904a7c8c22e30b4ba13f1f23f6cbee7d9640ee3821c48110e67440f237c2bb2ee5eb6
- SSDEEP
  
  12288:1eos/POdGV5jfWrV/9Yeh9eRcyLfLYtT5mWxTZ/B7jW5JMtRRpKzQk:10/POdGV5jfW5VnhFyvOB7jW5JMty
Score

1^/10
behavioral4
- Target
  
  Phoenix/Phoenix.dll
- Size
  
  334KB
- MD5
  
  2a2c5fde9a459d6e709913848f2174ae
- SHA1
  
  684f6757eb81cd8a807c817907d90aeeb44ce074
- SHA256
  
  94b039df233e0019599e9074e0c4d7ac8e2048890e275bf7049667f17ba6fa17
- SHA512
  
  908a56b4d86311f449de06f06506409b9126f8c54059e67d263f1ccd20d7f70d514c0f3202e5543dd18f15d8e457e72bee4e537b05930f8277bf99d6adf48547
- SSDEEP
  
  3072:5giPPG93md3CR2QDTpYAA8sHqAQA/VoxrdtSZtV2u+Q:x+v2gTiPHqAZ/exrdKV2
Score

8^/10
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
behavioral5
- Target
  
  Phoenix/Phoenix.exe
- Size
  
  1.4MB
- MD5
  
  9d68e4b0270a866465d645770cad3e2f
- SHA1
  
  48a2c50e02303ff11b14433be9cc97c8be7e2969
- SHA256
  
  0d22ff318268a1419cfe15e454a8dd546d3a2dccf8259227c8edb035f341cdbc
- SHA512
  
  8e5e6fb9101f3c3611db78844c651bf6b0da21699708dc0fd1682024f0acf710e0f9c129083a53a1083dc5aaab7cae60cb41feff613e215edc0cc766bd6b0541
- SSDEEP
  
  24576:bOQirqO1fn0QzIYCQbOgrJ3fz4/EQn652VOs9WflYxRK:qQiP1f0QCQagrxfz4/bju9o
Score

8^/10
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
behavioral6
- Target
  
  Phoenix/WebDriver.dll
- Size
  
  5.9MB
- MD5
  
  7c2e75cb28faf2b0f05bbca6e841e4ab
- SHA1
  
  f71dfebd1df04964117d4fcfe4183e234c29327a
- SHA256
  
  52bef794305f0b90a58fab7b366c1daaacaf31562658402c2b2f9b6c658b0bce
- SHA512
  
  c07c672b9ae8cff7ded2dfa2fef6efab2577429dc744cd84525ddbad3f39fe221351084bf4825e1316f58e399a38e20ff53a203796194d41906f13aa75154824
- SSDEEP
  
  49152:InQD1lTNYJ2099mPUAQw8ISKrB+UWkuP4zSKY+54znQgO:IOI20rm7QE
Score

1^/10
behavioral7
- Target
  
  Phoenix/WebDriverManager.dll
- Size
  
  28KB
- MD5
  
  e46c940c1b5063c0843ad3fc356f075c
- SHA1
  
  3a8a46d8b6a6d7bc5dce47ac6de7f80b7b6dd74a
- SHA256
  
  0b99bfe6a17ff026d4f762dbca7d1a6b1cdfc3c444b93a33b275475920e84612
- SHA512
  
  76aafb88e50968dbe7c4c131c11252ded77c74b4ff610e959e7cd15c757822d45581ee9cd8b87049b23739d7f63b3619a1a46f31e94fccbacc84a54532317fb2
- SSDEEP
  
  768:bH14xO5hrj2PIgEgb/4G5pU/upU0KpFp9B6heR:QO5hrj2jEO4G5pU/upU0KpFp9B6heR
Score

1^/10
behavioral8
- Target
  
  Phoenix/selenium-manager/linux/selenium-manager
- Size
  
  3.9MB
- MD5
  
  6e0e8d086bbd804f2e7b8bac99453d9e
- SHA1
  
  0a4c23a12bc73d781cee661559d9868855d0f6dd
- SHA256
  
  99a3039f3ea56a89424e6b2085e0b64621425913472ac233a0815d6a4c177817
- SHA512
  
  4a367bc23dc2760ba49fbc736193ba1dffeb70a2c4fff97c25b0036fc79b24ec3d0ebbfdd7f8368ccbe803d5e4c078d6adc1a85432be9af6265eb99c288133d9
- SSDEEP
  
  49152:tshvNZyQaYFD5VCaYFUG1gnBlIQVO31H+nTzixYwKNx+maI2hYcUG19IU6iUevM:tshbAjOUicUL+UeU
Score

1^/10
behavioral9
- Target
  
  Phoenix/selenium-manager/macos/selenium-manager
- Size
  
  3.4MB
- MD5
  
  13034fe2a51d88c5e454f805263a979b
- SHA1
  
  a66578d23769730d451ff20a746e460c734fe7f6
- SHA256
  
  ce0e45ac9edcfde5443d10664e062ed284b71094a46c5d7b94259bfb14d11c1b
- SHA512
  
  1ac9aa19189864492e1c649cd4ba5953611e877367695b164b14c010626b055793db3e052ed749d1bda3e6d26abff1699efd34a9cfa13d314f727f6148263719
- SSDEEP
  
  49152:+n9dyvEVeBUYQHa4SW2bqZUpioHZRxj0bNSb/2bcE0rkLnXucOu2l+k014VIU6il:Up26ZzbcEF5k+kzy+wt8FyTA
Score

1^/10
behavioral10
- Target
  
  Phoenix/selenium-manager/windows/selenium-manager.exe
- Size
  
  3.3MB
- MD5
  
  0d0f8fd7d7743c404ebde5a912bd7e01
- SHA1
  
  4ab712747be3ea26c5b6c4d1708b0e41bcde2184
- SHA256
  
  b178fdc92ae8a9df9ab5ea0450b5766256130dcddf5b171911c84c1844defd7a
- SHA512
  
  5dcd2ca86023d1ad44496ed03813031a598890edca43f43cfd2f05b875d26a111a26a4ef6f8e5cf8cf6b687a65141bb7fddde3338451c57388d9e0435444c630
- SSDEEP
  
  49152:zq3qfVzxJ42+ngCV67a2i48e/5pLVk0WRXb94QsG1TXIU6iKSb:ODg4Jle9k0Wb4QsV+KSb
Score

1^/10
behavioral11

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Downloads MZ/PE file

Executes dropped EXE

Deletes itself

Downloads MZ/PE file

Executes dropped EXE

Deletes itself

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11