0adf25603532d33bffa96f8c889f576f928e0127fc06122d9367eb39eedd39e2

Sharing

Copy URL

Twitter E-mail

General

Target

Phoenix.rar
Size

6.5MB
Sample

240506-zf3w8adc22
MD5

63cebf3c5c481802464dcc2f29f44eb4
SHA1

fe4716a0f3b40c375b067a6cfb145fcc173cb76c
SHA256

0adf25603532d33bffa96f8c889f576f928e0127fc06122d9367eb39eedd39e2
SHA512

cc314a57341157acdcd8dd015b3b253cd1ef04a725d9e2e012ec2f1bb51fd30f8eb5c628a609811ae4c9bcce0717cc73c05f11b0df968161bb8fc9faef399c3a
SSDEEP

196608:4ouCW0D6evV0rFs3H/RU7vghrtmRqAdOelC+kSCnyeZuKHb:vzL2yJU7YjmRblCwCny+Hb

Score

6^/10

Malware Config

Targets

- Target
  
  Phoenix/AngleSharp.dll
- Size
  
  861KB
- MD5
  
  ba231be096738680abadcb0504361b6e
- SHA1
  
  7eb1609f8643d1964ec252f897c05a10345b7d85
- SHA256
  
  78e304f09e0af840441733b89bb3c268109fa1c4200085a7c1edb097b6723d7a
- SHA512
  
  3a662033bbd0688cd76da84970d988c6932912a7cbac7f6ed1b26e32f480e9ac4866609764334a610c3b8b52de4d52c557e23d3ea111f154ff41e426d14923cc
- SSDEEP
  
  6144:JnFGmSD2smAF5DvLpN15eNcWx0x1DOlzWrBmXgis5zEJ0rlz6zoMJsJG/YLfjrkS:J8XlrNHwqd6aD26o2GckUMIC5Yq6ku
Score

1^/10
behavioral1 behavioral2
- Target
  
  Phoenix/Colorful.Console.dll
- Size
  
  88KB
- MD5
  
  89fab48df74cab3bb13ce012a1d3021c
- SHA1
  
  9e26dc19e7126be8fa150e2798e3be14c059afbb
- SHA256
  
  b8f2f0e9263129742e11bbaf56e0f082499a68d5113959b6a857ed51aa8a2570
- SHA512
  
  14a778f15a7e2bfa178aa73c6c8776b7812116915318ae6202250f66faacf276e514c97628d104ae687efe9dcbb14a0ac48b2658fc1218bd2448cee473132c52
- SSDEEP
  
  1536:1yQJm5aA5hedAW4B2nBKc6dQ/lawQ/ddbrL:1ccA5QdO2B9Wsl/Q/PL
Score

1^/10
behavioral3 behavioral4
- Target
  
  Phoenix/ICSharpCode.SharpZipLib.dll
- Size
  
  243KB
- MD5
  
  4fe179ef90fa134b8e564ab7ff9bd903
- SHA1
  
  350090780710aa3448e2bd3b814eedefcc6026a5
- SHA256
  
  d35291416c0b7dec5232486b26406f4d02da190ca8237b53542d20f24135eac7
- SHA512
  
  321092782a5ddc78b3cd1b5395ae8818e0cfab762b48f0fcd9bde4b1ab9c40b374d3a910efe67e6fead3b7aecf378055c7feb97e3c8198f83a13bd6612a23411
- SSDEEP
  
  6144:6Po8JC1HXfrusPX/qQCSdAFRLtaMimzXo0f:69C13fr1v/qO6yiXo
Score

1^/10
behavioral5 behavioral6
- Target
  
  Phoenix/Newtonsoft.Json.dll
- Size
  
  679KB
- MD5
  
  916d32b899f1bc23b209648d007b99fd
- SHA1
  
  e3673d05d46f29e68241d4536bddf18cdd0a913d
- SHA256
  
  72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661
- SHA512
  
  60bd2693daa42637f8ae6d6460c3013c87f46f28e9b0dbf9d7f6764703b904a7c8c22e30b4ba13f1f23f6cbee7d9640ee3821c48110e67440f237c2bb2ee5eb6
- SSDEEP
  
  12288:1eos/POdGV5jfWrV/9Yeh9eRcyLfLYtT5mWxTZ/B7jW5JMtRRpKzQk:10/POdGV5jfW5VnhFyvOB7jW5JMty
Score

1^/10
behavioral7 behavioral8
- Target
  
  Phoenix/Phoenix.dll
- Size
  
  335KB
- MD5
  
  15a1cedc996c0ae8f07ff74dfe6c70e7
- SHA1
  
  54d5c6d68a11a2a5742e25df0f06cc9f178095cc
- SHA256
  
  d568145624f1bebf3ce071e857f1a5109d00ce1f25ef23e8091ae7e07b5d3743
- SHA512
  
  9cb32cdab4b15c0c3c9db874561ed8835ad01221ca99d8db32b135908c3a18c436f476906f57ee4ce3ddb45b31a9d36ac926a8346e606d9f53063aa84eb8c20f
- SSDEEP
  
  3072:KO2NQBeeWeALKxR2QDTpYAA8sHqAQA/VoxrdtSZtV2u+Q:KZA3oS2gTiPHqAZ/exrdKV2
Score

1^/10
behavioral10 behavioral9
- Target
  
  Phoenix/Phoenix.exe
- Size
  
  414KB
- MD5
  
  ec4d07a1cf9fe38c0a3d38f43acadbef
- SHA1
  
  0d0a5d4054389ceeffb3c58a9a29f59f77598d88
- SHA256
  
  6bd40edf9f7a61561f1c0a061fc6715d551586c8db6655d9a5a30ce828887918
- SHA512
  
  d828317992968170492cac0ff3b1b34822dd8b5c891e008006da8451da7ee2712b8146cc01c15901b018046d9439fa73a4f406adf114bed4dba273a483ba7693
- SSDEEP
  
  6144:tIvK36o44QadTWYl/IK12gTiPHqAZ/exrdKV2:tIvKKadoS2aQYxRKV2
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral11 behavioral12
- Target
  
  Phoenix/WebDriver.dll
- Size
  
  6.0MB
- MD5
  
  df071bba2795f15834478309e6f01719
- SHA1
  
  6e1993c8fa7db5d9a6513c261e9c80a47a460c50
- SHA256
  
  27b1191b10a574e4ee2526ad8288b3005ae156ffcd189fc4d7f78a9d4e14b003
- SHA512
  
  314844239f4d3bebe6ca9b714028687b8acabb90a30619cb9f1e8308b3c49a50ea94a6a48972631829b379e5edb36c145299ec4089fc735fca2ba7c882b61bfb
- SSDEEP
  
  49152:LHhb4NysM6OL15POxIxluO5zYE4AI2t2y8gO54znQgO:Lh4Nyfi8qf
Score

1^/10
behavioral13 behavioral14
- Target
  
  Phoenix/WebDriverManager.dll
- Size
  
  28KB
- MD5
  
  e46c940c1b5063c0843ad3fc356f075c
- SHA1
  
  3a8a46d8b6a6d7bc5dce47ac6de7f80b7b6dd74a
- SHA256
  
  0b99bfe6a17ff026d4f762dbca7d1a6b1cdfc3c444b93a33b275475920e84612
- SHA512
  
  76aafb88e50968dbe7c4c131c11252ded77c74b4ff610e959e7cd15c757822d45581ee9cd8b87049b23739d7f63b3619a1a46f31e94fccbacc84a54532317fb2
- SSDEEP
  
  768:bH14xO5hrj2PIgEgb/4G5pU/upU0KpFp9B6heR:QO5hrj2jEO4G5pU/upU0KpFp9B6heR
Score

1^/10
behavioral15 behavioral16
- Target
  
  Phoenix/selenium-manager/windows/selenium-manager.exe
- Size
  
  3.4MB
- MD5
  
  138ab682b68dc90cd96301b4a077699f
- SHA1
  
  d1a5168201893a73e01072d43571c9caef946fde
- SHA256
  
  a1cef0ed9398e7f7e6cef1cb637790a97dc3f0a9d233c1bc5804e1e45b50f959
- SHA512
  
  f909c88fafbc27ac8d808fe4fd68441dfcaabb56a8f9bffe7b2345e6a5993719e8259a4efee4cfb05e3341ca801810f2062df8bb670c160b5686ebd73ae3c003
- SSDEEP
  
  49152:84B3DV5ULyZu823kMZUKWrUkvRXA3VVgrKf62a8cvze5c71h8XIU6iCVWN:P3cPgjWVgrKy2We5cZ+
Score

1^/10
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18