Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Phxnt0m-ma...per.py

windows11-21h2-x64

3

Phxnt0m-ma...ing.py

windows11-21h2-x64

3

Phxnt0m-ma...ion.py

windows11-21h2-x64

3

Phxnt0m-ma...rer.py

windows11-21h2-x64

3

Phxnt0m-ma...val.py

windows11-21h2-x64

3

Phxnt0m-ma...ing.py

windows11-21h2-x64

3

Phxnt0m-ma...omb.py

windows11-21h2-x64

3

Phxnt0m-ma...ber.py

windows11-21h2-x64

3

Phxnt0m-ma...are.py

windows11-21h2-x64

3

Phxnt0m-ma...ger.py

windows11-21h2-x64

3

Phxnt0m-ma...kes.py

windows11-21h2-x64

3

Phxnt0m-ma...one.py

windows11-21h2-x64

3

Phxnt0m-ma...ger.py

windows11-21h2-x64

3

Phxnt0m-ma...ing.py

windows11-21h2-x64

3

Phxnt0m-ma...rol.py

windows11-21h2-x64

3

Phxnt0m-ma...ess.py

windows11-21h2-x64

3

Phxnt0m-ma...try.py

windows11-21h2-x64

3

Phxnt0m-ma...ell.py

windows11-21h2-x64

3

Phxnt0m-ma...ion.py

windows11-21h2-x64

3

Phxnt0m-ma...rec.py

windows11-21h2-x64

3

Phxnt0m-ma...hot.py

windows11-21h2-x64

3

Phxnt0m-ma...ech.py

windows11-21h2-x64

3

Phxnt0m-ma...cam.py

windows11-21h2-x64

3

Phxnt0m-ma...ker.py

windows11-21h2-x64

3

Phxnt0m-ma...ass.py

windows11-21h2-x64

3

Phxnt0m-ma...px.exe

windows11-21h2-x64

5

Phxnt0m-ma...rce.py

windows11-21h2-x64

3

Phxnt0m-ma...io.bat

windows11-21h2-x64

1

Phxnt0m-ma...me.exe

windows11-21h2-x64

9

Phxnt0m-ma...ain.py

windows11-21h2-x64

3

Phxnt0m-ma...dio.py

windows11-21h2-x64

3

Phxnt0m-ma...ter.py

windows11-21h2-x64

3

Analysis

  • max time kernel
    85s
  • max time network
    96s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-es
  • resource tags

    arch:x64arch:x86image:win11-20241007-eslocale:es-esos:windows11-21h2-x64systemwindows
  • submitted
    10/11/2024, 21:06 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Phxnt0m-malware-main/Phxnt0mware RAT - main/resources/source_code/file_encryption.py

  • Size

    4KB

  • MD5

    7960f98bb360b54894b0c99df58937d8

  • SHA1

    d5f43b1d210f3c1705603435e3eaea002b71f313

  • SHA256

    ea8ad992b500560cb126c2c3f48c0da8634a5a997e69b76e3a21004a83f6c043

  • SHA512

    b602699562c7de76c20b0df8226c7a5bbf62c82ec233d25bb79133e9df7f56c3cc91c1dd27c7dd4bf2075a6d646fbe8c5b51deca68558eb776ec898858015d4c

  • SSDEEP

    96:9Vdbhfp0wt8S0lZvHim+lzvH2/hUndrhtvH2Do6vHiNES9+2sh3:9TbL07S0lZaVhoidrTIo6a20sd

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Phxnt0m-malware-main\Phxnt0mware RAT - main\resources\source_code\file_encryption.py"
    1⤵
    • Modifies registry class
    PID:4816
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:5056

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.