Overview

overview

9

Static

static

9

PhoenixMin...IO.dll

windows7-x64

1

PhoenixMin...IO.dll

windows10-2004-x64

1

PhoenixMin...IO.exe

windows7-x64

8

PhoenixMin...IO.exe

windows10-2004-x64

8

PhoenixMin...64.sys

windows7-x64

1

PhoenixMin...64.sys

windows10-2004-x64

1

PhoenixMin...er.exe

windows7-x64

5

PhoenixMin...er.exe

windows10-2004-x64

5

PhoenixMin...I.html

windows7-x64

1

PhoenixMin...I.html

windows10-2004-x64

1

PhoenixMin...ols.js

windows7-x64

1

PhoenixMin...ols.js

windows10-2004-x64

1

PhoenixMin...ons.js

windows7-x64

1

PhoenixMin...ons.js

windows10-2004-x64

1

PhoenixMin...4.1.js

windows7-x64

1

PhoenixMin...4.1.js

windows10-2004-x64

1

PhoenixMin...ery.js

windows7-x64

1

PhoenixMin...ery.js

windows10-2004-x64

1

PhoenixMin...min.js

windows7-x64

1

PhoenixMin...min.js

windows10-2004-x64

1

PhoenixMin...eme.js

windows7-x64

1

PhoenixMin...eme.js

windows10-2004-x64

1

PhoenixMin...ata.js

windows7-x64

1

PhoenixMin...ata.js

windows10-2004-x64

1

PhoenixMin...ols.js

windows7-x64

1

PhoenixMin...ols.js

windows10-2004-x64

1

PhoenixMin...3.1.js

windows7-x64

1

PhoenixMin...3.1.js

windows10-2004-x64

1

PhoenixMin...ore.js

windows7-x64

1

PhoenixMin...ore.js

windows10-2004-x64

1

PhoenixMin...s.html

windows7-x64

1

PhoenixMin...s.html

windows10-2004-x64

1

Analysis

  • max time kernel
    133s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    02/02/2024, 22:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PhoenixMiner_5.6c_Windows/doc/API.html

  • Size

    19KB

  • MD5

    7c54295bed71d089f85a75dc12e0c1fd

  • SHA1

    d86e4e7eb5dfddeed001745a6af333f3fd768021

  • SHA256

    af99bfb63a88cd11e65c70af60d062d1c33a7bcfa866cc0918c4010416c60a63

  • SHA512

    eb47e9a83ccb1535d58585459e6f10c715b6636fa467e2369232676e20e238d47b6ff7eb038a8e6c07d4bbdd79c1236eceb9c8736bb612dbad02b3234d6706b6

  • SSDEEP

    384:ZGLpzdg5WmJy/PhbuT0LH1qOsmPKJK3LJZL5:Exdg5WmJuPRTVqOsmPKJK3LJR5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\PhoenixMiner_5.6c_Windows\doc\API.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1392
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1392 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2164

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    b6867b84d5dc30a855047646bb97d156

    SHA1

    df5088c2971c7ca11ce5505e2c63c1c85dfc3682

    SHA256

    23dedfdd254f57ed339c2fec316a314bd79d42e58915ac1efc70195012921434

    SHA512

    eedb1644e47ca5e017c4cbbd8e6cee3ca34798c5ffacfb97c4ad69cd43ee1bc193dcd6470ab16c1ef77250ed0916aa12b099809ddb423d8fe4f2cbc18d2457b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    711f2e891b55792dc2f01e9dae27495d

    SHA1

    fff71abbd9fda4cd4fd90a019dd63b02c64f17f3

    SHA256

    3563ebcf6b332e036b9e55cada567954ec90805b88cc2761ea22f279a7b38523

    SHA512

    36badca16618cc287479f0859579f073ad9a46c3dab986a4c7740790ab2dbdeb2fd08d4315188b6f1823d6d631b8994df6f18159d32a352bb23a33f028ffe67c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f929faff2811d4185abb03f856ebe0c9

    SHA1

    9e0ee9c5cecd4b23950ec225af192961b50cac59

    SHA256

    ae7ce4d1037ea261f3e29a2958c21c8bb99cc37019031243b4720e1ce1498e70

    SHA512

    26fc2edb656c059ffe1e1e203238278b8dd8111c965bf7e82db81bd565f1370cc19d5bd1305b77d01eefa43ea8ab68ae3cd95e7901eb24e66e5a27f6e8136789

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e6dedae5d1cdfa9e5586f1a2486fae56

    SHA1

    8cc5c77f748cde34169e0f79ea3623a9e4ef8e00

    SHA256

    1374181b4b538be6d58c3b49e818b54e680a94c5a0391898c47ff24b56b8ec25

    SHA512

    4987c93760a8a8b5d48292a9e283d1b3a032461c23a4fedf647f9bd5897aa4d97daa183c2f5e72ab04ab80905906eaf36d656cb247ca72f101cc78be42983abb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    902af7967582bb1b75d7b377b45f683a

    SHA1

    1fff70a826422626216d62659c50d375f9854e83

    SHA256

    15853e0be28253360b59217e8d1e62364cc66a48da3ed33b433a58d662d0922a

    SHA512

    c15a06a60e4d20c8a17b755717be1d850e2e589788935f3980f85295ee5dc92e93644fa290f87aded0e20e0e6bc641e74ece16bff7a7774e59c04fbef810401b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    46d678d2df3dca7ae8c4f3d4cb1dbd87

    SHA1

    2b6c9498972e30cbe32ff9e6a69a7dd727b9810d

    SHA256

    b42e34dd34dc8fc9c20261f177d5a50fd0ae247934141e819032b40aeba71fe0

    SHA512

    80e7aa40bd681a217067c1338d949a9c818ab1390ef6e659f8792ca67d3a6cb47c96f9225461f6656f03464addcebee5d4e7ff28db936c988c51b7ba6c36bb1e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1717e1772e45ea54bb7fc85340b69c5c

    SHA1

    82594528e7abc4126b83c4459513361316c71d2a

    SHA256

    2825d0f9e76d4101d0927fe367f32be9856fae14f09eed32a12eb4c069b73632

    SHA512

    185b85332e59fa0f136680f2bf4ef00e5bef954be1c32ccff0676620073af892565cb41d03f422889f9bf31f2a2dbec7abc6466cf5b2d9b187df9000b95a2ca9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b192009ee50babb7a04de0c4e2ce6abf

    SHA1

    4d7c416c87fc04092ee3d82cf2c104ff0ba52946

    SHA256

    5c1a6c538af2e9e374ce3ed9cec27d1767f280da95026337788b355eb8fff4b2

    SHA512

    749030b1b283d8abaf151defec8f9b4e7dd3f21c77786c7f9c7763a4eb96e082ea53f9a18036105426e08c5209cec00e92910de89ef5168823ed967949743ee6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6b5d6bc95e19282cab80c64ec6897271

    SHA1

    cb39b82c658cddf9bd1a9f4c126d60c864d2a104

    SHA256

    b7c9e64baed930d2124b1232bd557f0c8f9e298197267e01d25f292f7646e539

    SHA512

    90e6326508e235efa4a8acb83a1f778c337994b9436c2d30d22b071ff39c186447cde844e07f061758f513b0e76ff0d14c588d207d88683546c97a6c7ad9e7e1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6338f3e20932b58efab328778e6048d5

    SHA1

    448aa917037fe76115d6c0fded39c101a07bdc59

    SHA256

    bd2a08c8ac6850cb0fa744f218320f29444f1c32de770f8ecf78ae7689e8e5f5

    SHA512

    4fef5a52f8ac3a9f3b501f64c5ad9c20d27c67ff159a06d394db837c2d505352c2c23677a8de5a0358c93560d933ca7dbf54fc899f8ba172651cd0e0c0e5deeb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8aead27740096349d811fa677308f8e6

    SHA1

    aee5e035e11265396a8fa28287fd87248a9b95b5

    SHA256

    650543cbab183a61416c4dd495dd1f5622ef00369df51e2f108fe27edad4e5a6

    SHA512

    9f1525abf4ace5746088aa789d8020af6219b1169de40c3886a23cdcd8e9f4160baf3bda28c9b70b1d3b3d5ff87db984826df4df61999e137951dd7f26e0f13c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d1fb5c5aef3ac92538e9b9cfb03be937

    SHA1

    d6e26205f2649eeb7411a5dd7214fe02f1a4f623

    SHA256

    800a3b1e92ff7dd5f6f3db8de2014f055947d0fdffad6a5d36f0f42dfd15ae2c

    SHA512

    a42a510b8fe9226021975d73afd9c64bf4e089e8326a81625bf6d38c3354fbbc4475ce22b42f2feacf1d1348b16ed9e2ca06f872518b0f7733d65d5f6b260513

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fee9407f268f776137cc06beee1521e8

    SHA1

    a2ecaeaa69fcbcef5d57108ee6470f90cf6b376b

    SHA256

    ade86a425e4b366afb2a19817d2420006f93fec85cf0ca93f08a45bf63565113

    SHA512

    26b1df165e0c8faa56ce4c8d33dc634306bb36054bd70045bfcd7ecdd38bb5d4b852589096afb204426766ab4c102eb6f5a84d7c1f44182c00c5ebc2f5dc18cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b647ad44b96bf898e4fa5eac3a6dff2a

    SHA1

    3eff9a4e194d89bcc5c1a06a4f5f54a4e4f4b165

    SHA256

    5816bb2cd61d88d462467c98d7caba35b600c96674fe769e122de7731a86012a

    SHA512

    a47c992a60cee8d0dd44fd64553e0da8838a43c72758ec142ad68a2286a7b6fa444a3ead89bf4ab86b2a4cb60114085ad9a69c0067e15dbe90e82ffc73f72a67

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bd36b2d764b80d57c6b08dbdbcda3c89

    SHA1

    2f2a32e48e2c17344c487ec321fae12553197c73

    SHA256

    9a452e2bfe637ebd8943f1eda07fc159787d0ff89904f5e40b5fc2d0dd633854

    SHA512

    951822144fce6fddf1005379c286081947052721b2d51c9807e7c08b57179cceeb2287bd677179e07d703dfc374fee61f6ee440cc34705451cd495ecc1999dfc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4b5c9e48f66353fccb59764929da7150

    SHA1

    63c0df5815b723c0a6ce1070ea6fb7578714a323

    SHA256

    6bfa303a117d0b07e07eb37c99fac7518ea4edd73db131d1062773a90cecd3ba

    SHA512

    2487de11b1dd90af051bc2b0c1bcb885f7258211d6406e6004b35ded4c10e056ac4a7ed30ca237efeb3c4aeb7706e5c6ec39dfcad941302561db33f8f0e4b1e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c6f235a298f2890d6b508374573315c2

    SHA1

    05b2ae73a9483990f0611f72dda67e7985d956f2

    SHA256

    218090d7964d372b3de9603212d880fe9f3fcc4102a8277050fc88d90ca6d078

    SHA512

    500ac92e56dbd6424a1f6d4c936851f7473b20c969e0aea0cbd28afc321683d56177b2247b38c718869a2c111784330b2c6252ae6932674b354e5bfff654dfab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4564587e335f66dba07b1a20b9fd4aa7

    SHA1

    4bfb4557b838f679ffb1be2be1b059ad6ad4d003

    SHA256

    5591566ede2bc0bbbfd518e0eac07f2471e43eae6b23d652c7f82b0515ad30f8

    SHA512

    05690c7bb1b5e25d8d11c2d8098fa17c3a08d86e8f657fa0eee1e8da0fd8c90f67d74d3d38567e4c0d70d26cef9a9742de5ee467566d0e1f3371943825a52638

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    10e82cecab91dd635f2e38b3ac30dd38

    SHA1

    6b4ddd9f5f07fd94767aab7284a273d0ab262206

    SHA256

    465c88b34be5affd6ece059ee446eb56b65d78d91a2dba8f0db7cf443ce39601

    SHA512

    74d87ad59915cce58ba56c0fd434488662d5ef984714827666180c0def5c5a9fd01b45ab1ce68c571f5b4dce90c9636744feed653f959a0eb4f4cd8209e09f6d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    14ac0014068ee1c9c9287074fb0abb83

    SHA1

    919d373e974564969a1bb844ca01ef18201d4c96

    SHA256

    3f7b0154c1cd5b30da7c95035c3dde9568db4f322f0a026a075e9c7112b97dbb

    SHA512

    0e5f2a7273923ee1e62096e4fcd40d64934dde0dc706f39df85f16bf4ab9f461cee95870aecb777ebc00f949114d4bd8d09fae8e8b7b207ed83962ddf6f51f13

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    f0da120dbfa555c0e837064dbd65a740

    SHA1

    50ad3470eee268904cd078bfb222042b54facc1f

    SHA256

    891f9ddb228e066416c5876702d9b900c233a90e37de45660a41722936a71d08

    SHA512

    69015ffb37f3367ab728f79e45be9701dfff2dc1f8cd621e8437c6438f1797a7055fe44dfcc11734f252e933994863434d5795bc50e215d7a4c1be8bd69e6194

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab2740.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar286E.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit