ef373cafbc275360d1853801ac61c2e7547ef757a545ac37679252a52c0bc91a

Sharing

Copy URL Twitter E-mail

General

Target

ef373cafbc275360d1853801ac61c2e7547ef757a545ac37679252a52c0bc91a
Size

787KB
MD5

567e799317d6be279a373b633d96d2f6
SHA1

a4073899c1d6623e2fa522dff086eb9def100f85
SHA256

ef373cafbc275360d1853801ac61c2e7547ef757a545ac37679252a52c0bc91a
SHA512

ce8cd838b8b24577253f515ece786eeada569c00d416f8af37ba8f41ad6dccd4186c6fbc5ea7c37c755c09c8ea86e805db0af978aa4926c8ad2e942863a82107
SSDEEP

24576:Hku2ioX3ccLPpYWyYfLR1NNgw2TrtwPV:Z2xcAPNQw

Score

9^/10

miner

Malware Config

Signatures

Detectes Phoenix Miner Payload 1 IoCs

miner

resource	yara_rule
sample	miner_phoenix

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef373cafbc275360d1853801ac61c2e7547ef757a545ac37679252a52c0bc91a

Files

ef373cafbc275360d1853801ac61c2e7547ef757a545ac37679252a52c0bc91a
.exe windows:4 windows x86

edd548ff3ab204c31a22fef21cb94abb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
CloseHandle
CreateEventA
CreateMutexA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FindAtomA
GetAtomNameA
GetConsoleWindow
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
ReleaseMutex
ReleaseSemaphore
ResetEvent
ResumeThread
SetCriticalSectionSpinCount
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

_fdopen
_read
_write
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_beginthreadex
_cexit
_endthreadex
_errno
_filelengthi64
_fstati64
_iob
_lseeki64
_onexit
_setjmp
_setmode
abort
atexit
atoi
calloc
exit
fclose
fflush
fgetpos
fopen
fprintf
fputc
fputs
fread
free
fsetpos
fwrite
getc
getenv
getwc
iswctype
localeconv
longjmp
malloc
memchr
memcmp
memcpy
memmove
memset
printf
putc
putwc
realloc
setlocale
setvbuf
signal
sprintf
strchr
strcmp
strcoll
strerror
strftime
strlen
strtod
strtoul
strxfrm
towlower
towupper
ungetc
ungetwc
vfprintf
wcscoll
wcsftime
wcslen
wcsxfrm

shell32

ShellExecuteA

user32

ShowWindow

Sections

.text
Size: 732KB - Virtual size: 732KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

edd548ff3ab204c31a22fef21cb94abb

Headers

File Characteristics

Imports

kernel32

msvcrt

shell32

user32

Sections

.text Size: 732KB - Virtual size: 732KB

.data Size: 1024B - Virtual size: 788B

.rdata Size: 42KB - Virtual size: 41KB

.eh_fram Size: 5KB - Virtual size: 5KB

.bss Size: - Virtual size: 8KB

.idata Size: 4KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 28B

.tls Size: 512B - Virtual size: 32B

.text
Size: 732KB - Virtual size: 732KB

.data
Size: 1024B - Virtual size: 788B

.rdata
Size: 42KB - Virtual size: 41KB

.eh_fram
Size: 5KB - Virtual size: 5KB

.bss
Size: - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 28B

.tls
Size: 512B - Virtual size: 32B