phorphiex | 066ea7e779e63f2881e049d1c66b712babcf263168e5a118dbecf6546159f11f

General

Target

sysbsju.exe
Size

30KB
Sample

241104-q33qas1dkk
MD5

16c678e90ead5bce8a931cca8d9307d0
SHA1

c0c237348772fecac0ca9f84ddbfd3718f37e0a1
SHA256

066ea7e779e63f2881e049d1c66b712babcf263168e5a118dbecf6546159f11f
SHA512

a9d6adebae9d6f7e17b51dff3eef930096c87e71cfdb6591a99f9a8f1b85e22edd2de652be266895083b885b8cc5f790858c3d07c63c7c82e827d38a549080ca
SSDEEP

384:PIkpcwLsYEaysekAM1PsLwApaKZ5IRvKztY2Gci0WhYzJjn2Cb1Bg3cW53Yllyt3:PXAxPuPsLwA9ZuYztzYhY0oBEcWGl

Score

10^/10

phorphiex discovery

Malware Config

Extracted

Family

phorphiex

C2

http://b0t.to/

http://gshrghirhgsgrao.to/

http://hehfaofiehgggao.to/

http://soghrrsoeuhugao.to/

http://eiiiaoihoaeruao.to/

http://roiriorisioroao.to/

http://ouhgousgoahutao.to/

http://oeoaoueuoeuoaao.to/

http://aiaizzzezeezeao.to/

http://ouauooaoaoeeuao.to/

http://oeeoeuueueuueao.to/

http://eobbeaubfeuueao.to/

http://aauaaaeieiieeao.to/

http://aaaeieiiiofffao.to/

http://infineinfinigao.to/

http://baoefubfbfigoao.to/

http://aaauuwiifoogeao.to/

http://plporsiszsgetao.to/

http://gshrghirhgsgrla.co/

http://hehfaofiehgggla.co/

Wallets

1L6sJ7pmk6EGMUoTmpdbLez9dXACcirRHh

qzgdgnfd805z83wpu04rhld0yqs4dlrd35ll0ltqql

Xt8ZtCcG9BFoc7NfUNBVnxcTvYT4mmzh5i

D7otx94yAiXMUuuff23v8PAYH5XpkdQ89M

0xa5228127395263575a4b4f532e4f132b14599d24

LUMrZN6GTetcrXtzMmRayLpRN9JrCNcTe7

t1PVHo3JR9ZAxMxRXgTziGBeDwfb5Gwm64z

Attributes

user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0

Targets

- Target
  
  sysbsju.exe
- Size
  
  30KB
- MD5
  
  16c678e90ead5bce8a931cca8d9307d0
- SHA1
  
  c0c237348772fecac0ca9f84ddbfd3718f37e0a1
- SHA256
  
  066ea7e779e63f2881e049d1c66b712babcf263168e5a118dbecf6546159f11f
- SHA512
  
  a9d6adebae9d6f7e17b51dff3eef930096c87e71cfdb6591a99f9a8f1b85e22edd2de652be266895083b885b8cc5f790858c3d07c63c7c82e827d38a549080ca
- SSDEEP
  
  384:PIkpcwLsYEaysekAM1PsLwApaKZ5IRvKztY2Gci0WhYzJjn2Cb1Bg3cW53Yllyt3:PXAxPuPsLwA9ZuYztzYhY0oBEcWGl
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2