General
-
Target
BFDFC7BDB3890683E8D3B5F3D9CAE5048DE3CBEDEBF223E4B9B732B096917BEB.exe
-
Size
562KB
-
Sample
240724-zxqyzszemb
-
MD5
f5ce2d7efe8c3aaed87ec7e8adc05f03
-
SHA1
693bb3cb67684e2b8b73956431b35b97dad92f15
-
SHA256
cf47849486b54a356e344fa8b4fb6540caec3f602fc44d2c381ef2213c24d135
-
SHA512
c47ef59080a18c91558685e5526a9e7dd1721e76cea931d947ecec70ee2252d2528332f7b31b8726185dfd220f497ffeb6ef705e3c9ce3aa9146b9c3d6397e16
-
SSDEEP
12288:J7vT8cGUCZmxIwNjVGCXZqmmJUE/JHkdIUnjoqhPkw4d:Jz4BUCZmxIw1VGCXZ5mJ1kdZnBhY
Behavioral task
behavioral1
Sample
BFDFC7BDB3890683E8D3B5F3D9CAE5048DE3CBEDEBF223E4B9B732B096917BEB.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
BFDFC7BDB3890683E8D3B5F3D9CAE5048DE3CBEDEBF223E4B9B732B096917BEB.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
BFDFC7BDB3890683E8D3B5F3D9CAE5048DE3CBEDEBF223E4B9B732B096917BEB.exe
-
Size
562KB
-
MD5
f5ce2d7efe8c3aaed87ec7e8adc05f03
-
SHA1
693bb3cb67684e2b8b73956431b35b97dad92f15
-
SHA256
cf47849486b54a356e344fa8b4fb6540caec3f602fc44d2c381ef2213c24d135
-
SHA512
c47ef59080a18c91558685e5526a9e7dd1721e76cea931d947ecec70ee2252d2528332f7b31b8726185dfd220f497ffeb6ef705e3c9ce3aa9146b9c3d6397e16
-
SSDEEP
12288:J7vT8cGUCZmxIwNjVGCXZqmmJUE/JHkdIUnjoqhPkw4d:Jz4BUCZmxIw1VGCXZ5mJ1kdZnBhY
-
Panda Stealer payload
-
PhoenixStealer
PhoenixStealer is an information stealer written in the C++, it sends the stolen information to cybercriminals.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-