phorphiex | 42a778ea7a7b4240ecdec489bf6e03cf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42a778ea7a7b4240ecdec489bf6e03cf
Size

64KB
MD5

42a778ea7a7b4240ecdec489bf6e03cf
SHA1

40eb63a23e35f9095efad5d13133a4045edabdb7
SHA256

596bb609cb6fc756034a381bea60fd6fc1794e47377f8a4a65d22b77f13a21e5
SHA512

d5796eec9837ad408e429b5e2b7a954f8d91e03702b9d4f446f81620382ddb72d3b78c532b4075d502a1243d9be7843f67b336f90bd024472ee99fef97ced47d
SSDEEP

768:umULbLyP1PMO3TV/V2OwdVguHLoz6/3Ywp2JcGU7Uz3jgs:LU3WP153h/V2OsGu1/39AT3jp

Score

10^/10

phorphiex

Malware Config

Extracted

Family

phorphiex

C2

http://tldrbox.top/

Signatures

Phorphiex family
phorphiex

Phorphiex payload 1 IoCs

resource	yara_rule
sample	family_phorphiex

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42a778ea7a7b4240ecdec489bf6e03cf

Files

42a778ea7a7b4240ecdec489bf6e03cf
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ