phorphiex | 6bd70382cf7182e467df82774ad35c921c7f82146c1e268fd122619a6eb9ec41 | Triage

Sharing

General

Target

Private.txt.scr.exe
Size

13KB
Sample

241209-p3gmdssnen
MD5

b41033d5faa645683f7436a065950958
SHA1

8bb0b09eb76fc43f586ab6a154e708f9186fba15
SHA256

6bd70382cf7182e467df82774ad35c921c7f82146c1e268fd122619a6eb9ec41
SHA512

55547373edd8e3ca77d575a813d9604ce7f906f3d7c998bf79b873dc56979eb8a186321c57cdd67567ddd50a50dc5cc83b6d116f27753b6c375e9895fa7672c0
SSDEEP

192:OEZY89KFIHZqux5cZpej0LZR19HLTRVJxTCqVIdthELOaUC:TZY8YFOZsZowRfLTRVmqVIdECa

Score

10^/10

phorphiex discovery

Malware Config

Extracted

Family

phorphiex

C2

http://185.215.113.66

Attributes

mutex
76759

Targets

- Target
  
  Private.txt.scr.exe
- Size
  
  13KB
- MD5
  
  b41033d5faa645683f7436a065950958
- SHA1
  
  8bb0b09eb76fc43f586ab6a154e708f9186fba15
- SHA256
  
  6bd70382cf7182e467df82774ad35c921c7f82146c1e268fd122619a6eb9ec41
- SHA512
  
  55547373edd8e3ca77d575a813d9604ce7f906f3d7c998bf79b873dc56979eb8a186321c57cdd67567ddd50a50dc5cc83b6d116f27753b6c375e9895fa7672c0
- SSDEEP
  
  192:OEZY89KFIHZqux5cZpej0LZR19HLTRVJxTCqVIdthELOaUC:TZY8YFOZsZowRfLTRVmqVIdECa
Score

8^/10

discovery
- Contacts a large (1788) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2