3816c836b3af21fcc7f05a71ad13b17aaa110be1ecee68aa18c22bf9729bca48

Submit
Reports

Overview

overview

Static

static

Phxnt0m-ma...per.py

windows11-21h2-x64

Phxnt0m-ma...ing.py

windows11-21h2-x64

Phxnt0m-ma...ion.py

windows11-21h2-x64

Phxnt0m-ma...rer.py

windows11-21h2-x64

Phxnt0m-ma...val.py

windows11-21h2-x64

Phxnt0m-ma...ing.py

windows11-21h2-x64

Phxnt0m-ma...omb.py

windows11-21h2-x64

Phxnt0m-ma...ber.py

windows11-21h2-x64

Phxnt0m-ma...are.py

windows11-21h2-x64

Phxnt0m-ma...ger.py

windows11-21h2-x64

Phxnt0m-ma...kes.py

windows11-21h2-x64

Phxnt0m-ma...one.py

windows11-21h2-x64

Phxnt0m-ma...ger.py

windows11-21h2-x64

Phxnt0m-ma...ing.py

windows11-21h2-x64

Phxnt0m-ma...rol.py

windows11-21h2-x64

Phxnt0m-ma...ess.py

windows11-21h2-x64

Phxnt0m-ma...try.py

windows11-21h2-x64

Phxnt0m-ma...ell.py

windows11-21h2-x64

Phxnt0m-ma...ion.py

windows11-21h2-x64

Phxnt0m-ma...rec.py

windows11-21h2-x64

Phxnt0m-ma...hot.py

windows11-21h2-x64

Phxnt0m-ma...ech.py

windows11-21h2-x64

Phxnt0m-ma...cam.py

windows11-21h2-x64

Phxnt0m-ma...ker.py

windows11-21h2-x64

Phxnt0m-ma...ass.py

windows11-21h2-x64

Phxnt0m-ma...px.exe

windows11-21h2-x64

Phxnt0m-ma...rce.py

windows11-21h2-x64

Phxnt0m-ma...io.bat

windows11-21h2-x64

Phxnt0m-ma...me.exe

windows11-21h2-x64

Phxnt0m-ma...ain.py

windows11-21h2-x64

Phxnt0m-ma...dio.py

windows11-21h2-x64

Phxnt0m-ma...ter.py

windows11-21h2-x64

Analysis

max time kernel
91s
max time network
96s
platform
windows11-21h2_x64
resource
win11-20241007-es
resource tags

arch:x64arch:x86image:win11-20241007-eslocale:es-esos:windows11-21h2-x64systemwindows
submitted
10-11-2024 21:06

Sharing

Copy URL

Twitter E-mail

Static task

static1

6 signatures

Behavioral task

behavioral1

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/crypto_clipper.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/file_downloading.py

Resource

win11-20241023-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/file_encryption.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/file_explorer.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/file_removal.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/file_uploading.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/fork_bomb.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/grabber.py

Resource

win11-20241023-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/jumpscare.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral10

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/keylogger.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/keystrokes.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral12

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/live_microphone.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral13

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/messager.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/microphone_recording.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral15

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/monitor_control.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral16

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/process.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral17

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/registry.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral18

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/reverse_shell.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral19

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/screen_manipulation.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral20

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/screenrec.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral21

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/screenshot.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral22

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/texttospeech.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral23

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/webcam.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral24

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/website_blocker.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral25

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/uac_bypass.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral26

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/upx.exe

Resource

win11-20241007-es

upx

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/source.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral28

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/tools/drawling_studio/DrawlingStudio.bat

Resource

win11-20241007-es

windows11-21h2-x64

1 signatures

150 seconds

Behavioral task

behavioral29

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/tools/drawling_studio/Runtime.exe

Resource

win11-20241007-es

evasion execution persistence upx

windows11-21h2-x64

13 signatures

150 seconds

Behavioral task

behavioral30

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/tools/drawling_studio/main.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral31

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/tools/drawling_studio/studio.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Behavioral task

behavioral32

Sample

Phxnt0m-malware-main/Phxnt0mware RAT - main/tools/splitter.py

Resource

win11-20241007-es

windows11-21h2-x64

3 signatures

150 seconds

Report Analysis Logs

General

Target

Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/upx.exe
Size

550KB
MD5

b3dd61fb7352cf96a99d0511c97e0c2a
SHA1

d2f7a2b512cc19e699ec01ec5384adc1a3fd9221
SHA256

c6dd0a6cac2d2153e4666aacf43d487c1b6e2bc16cb7f956514ab02883ef2a42
SHA512

de7ecd05532e8dfe085ccc09dac6a5e2bb8581e8c0c64b883d34809711900b2c7341e99fe55f6708417ee4fafb374d7f896c70179bb359d23a78c4e806bd5a75
SSDEEP

12288:oLAkZzH8b5MxqvwAeP5XACx49pFl5ZmhR7GAWNjvGe:oLFdyMxqv1eP5QC49Z+eA+L

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
behavioral26/memory/4100-0-0x0000000000400000-0x0000000000617000-memory.dmp	upx
behavioral26/memory/4100-2-0x0000000000400000-0x0000000000617000-memory.dmp	upx

Processes

C:\Users\Admin\AppData\Local\Temp\Phxnt0m-malware-main\Phxnt0mware RAT - main\resources\upx.exe
"C:\Users\Admin\AppData\Local\Temp\Phxnt0m-malware-main\Phxnt0mware RAT - main\resources\upx.exe"
1⤵
PID:4100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4100-0-0x0000000000400000-0x0000000000617000-memory.dmp

Filesize
2.1MB

Download
memory/4100-2-0x0000000000400000-0x0000000000617000-memory.dmp

Filesize
2.1MB

Download