phorphiex | be068de9e770469a4969741b399e6e2c36e9dc1eb93ffd51c777b6f1aab97168 | Triage

Submit
Reports

Overview

overview

Static

static

be068de9e7...8N.exe

windows7-x64

be068de9e7...8N.exe

windows10-2004-x64

Sharing

General

Target

be068de9e770469a4969741b399e6e2c36e9dc1eb93ffd51c777b6f1aab97168N.exe
Size

102KB
Sample

241128-yygw2aypas
MD5

5e4a29705f3aebceec775589526d58f0
SHA1

feb9b4dd956f4158c7b18fe64813b88a2003ba88
SHA256

be068de9e770469a4969741b399e6e2c36e9dc1eb93ffd51c777b6f1aab97168
SHA512

93e24958d978066bdef7e59b6f1f2ae3389be8e5a84f8d148c5a057abf3b6785c3593c65fd130a65806f0bae193377738c8371e4e9cb9bbe88651ca30eae7217
SSDEEP

1536:z3Mz8oy284usnjFzuNXoaSTM98qKH5Fn18CAkewoAd+ypy18FRn:YwofxFK5oagMNO5FyCAfKMypy1o

Score

10^/10

phorphiex discovery evasion loader persistence trojan worm

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

be068de9e770469a4969741b399e6e2c36e9dc1eb93ffd51c777b6f1aab97168N.exe

Resource

win7-20241010-en

phorphiex discovery evasion loader persistence trojan worm

windows7-x64

10 signatures

120 seconds

Behavioral task

behavioral2

Sample

be068de9e770469a4969741b399e6e2c36e9dc1eb93ffd51c777b6f1aab97168N.exe

Resource

win10v2004-20241007-en

phorphiex discovery evasion loader persistence trojan worm

windows10-2004-x64

10 signatures

120 seconds

Malware Config

Targets

- Target
  
  be068de9e770469a4969741b399e6e2c36e9dc1eb93ffd51c777b6f1aab97168N.exe
- Size
  
  102KB
- MD5
  
  5e4a29705f3aebceec775589526d58f0
- SHA1
  
  feb9b4dd956f4158c7b18fe64813b88a2003ba88
- SHA256
  
  be068de9e770469a4969741b399e6e2c36e9dc1eb93ffd51c777b6f1aab97168
- SHA512
  
  93e24958d978066bdef7e59b6f1f2ae3389be8e5a84f8d148c5a057abf3b6785c3593c65fd130a65806f0bae193377738c8371e4e9cb9bbe88651ca30eae7217
- SSDEEP
  
  1536:z3Mz8oy284usnjFzuNXoaSTM98qKH5Fn18CAkewoAd+ypy18FRn:YwofxFK5oagMNO5FyCAfKMypy1o
Score

10^/10

phorphiex discovery evasion loader persistence trojan worm
- Phorphiex family
  phorphiex
- Phorphiex payload
- Phorphiex, Phorpiex
  Phorphiex or Phorpiex Malware family which infects systems to distribute other malicious payloads such as ransomware, stealers and cryptominers.
  worm trojan loader phorphiex
- Windows security bypass
  evasion trojan
- Executes dropped EXE
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

phorphiexdiscoveryevasionloaderpersistencetrojanworm

behavioral2

phorphiexdiscoveryevasionloaderpersistencetrojanworm

© 2018-2024

Terms | Privacy