phorphiex | 5eab2c8952f35b1f3b7f29a08daaabb593bc0eddc449a62999c6391c6a27cb3a | Triage

Sharing

General

Target

5eab2c8952f35b1f3b7f29a08daaabb593bc0eddc449a62999c6391c6a27cb3a.exe
Size

37KB
Sample

241125-y6vg4a1mfm
MD5

8a72160098cf004ff718ce011b80e262
SHA1

c1aaa00753d1d6487b292b16ec7ee8bdac1d419a
SHA256

5eab2c8952f35b1f3b7f29a08daaabb593bc0eddc449a62999c6391c6a27cb3a
SHA512

2b8e3266e553b63c0bd5c4c5a578bc15edfcb569b402d9611bb6cc72911181ad1c9637eb40625bb61e02d7483bec9b3740d44dce36326168edbc57ede227aec9
SSDEEP

768:CRrgLWAjWN6iY4P/6J8Ulw4P+7IHd+/9ctGfF1nS4:iGyN6DK/6J8UlwoHcaGN1S4

Score

10^/10

phorphiex discovery evasion loader trojan worm

Malware Config

Targets

- Target
  
  5eab2c8952f35b1f3b7f29a08daaabb593bc0eddc449a62999c6391c6a27cb3a.exe
- Size
  
  37KB
- MD5
  
  8a72160098cf004ff718ce011b80e262
- SHA1
  
  c1aaa00753d1d6487b292b16ec7ee8bdac1d419a
- SHA256
  
  5eab2c8952f35b1f3b7f29a08daaabb593bc0eddc449a62999c6391c6a27cb3a
- SHA512
  
  2b8e3266e553b63c0bd5c4c5a578bc15edfcb569b402d9611bb6cc72911181ad1c9637eb40625bb61e02d7483bec9b3740d44dce36326168edbc57ede227aec9
- SSDEEP
  
  768:CRrgLWAjWN6iY4P/6J8Ulw4P+7IHd+/9ctGfF1nS4:iGyN6DK/6J8UlwoHcaGN1S4
Score

10^/10

phorphiex discovery loader trojan worm evasion
- Modifies firewall policy service
  evasion
- Phorphiex family
  phorphiex
- Phorphiex payload
- Phorphiex, Phorpiex
  Phorphiex or Phorpiex Malware family which infects systems to distribute other malicious payloads such as ransomware, stealers and cryptominers.
  worm trojan loader phorphiex
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

phorphiexdiscoveryloadertrojanworm

behavioral2

phorphiexdiscoveryevasionloadertrojanworm