Static task: static1
Behavioral task: behavioral1
Sample: Phox Grabber.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: Phox Grabber.exe
Resource: win10v2004-20230220-en
General
Target: Phox Grabber.exe
Size: 8.2MB
MD5: f2241bc75890c4bd40e3b3567c86d54e
SHA1: 2511bd5e609d68b1ea980e4dea1c9da2c7b14107
SHA256: 105f52d617d2b8ff35d4340be6f3a1dc9e0b3e5ae212cfec3e52848b8b87d961
SHA512: 3e1fe5e4d5d34de8f7c46cb451ff0abe0e06094835a9517ecc0cae167b1f775d5deb4cde2e465724e4bad4cdc633f07e0dff208df80502e3ad8264e0bf447b32
SSDEEP: 196608:O3j7GVdDPtpK3yOtTZjVjm3UNOTRFOGGafDJMYN3zVFyZ:OeVBO3ptTZjEfRfdfDSgy
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Phox Grabber.exe
Files
Phox Grabber.exe.exe windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 8.1MB - Virtual size: 8.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ