phorphiex | dff97ccdcd4842d8690b0530e0b98643a0c6b84a3b2aa30222784b807642a764 | Triage

Sharing

General

Target

dff97ccdcd4842d8690b0530e0b98643a0c6b84a3b2aa30222784b807642a764.exe
Size

37KB
Sample

241218-3f5mlaxmhq
MD5

635a58029ce832a74876c3ffec0c3acf
SHA1

bb00046e17cb65703a4435d6e30df21d7a185159
SHA256

dff97ccdcd4842d8690b0530e0b98643a0c6b84a3b2aa30222784b807642a764
SHA512

50186fa0f438b2d74716df89374b6f2106b7ec6d600ed62dd45bd7c6fd8875150e794d329dcebb755dc30bd21c386dd792d8fa6d3868408e26eb66142c43c7b0
SSDEEP

768:lRrgLWAeXOMhbcqnLPsJLWRvdgLoeSxLNLDWVTv4bBOaec8LPXa:3GeXOFqn7Qevd3e+taz4fec8zK

Score

10^/10

phorphiex discovery evasion loader trojan worm

Malware Config

Targets

- Target
  
  dff97ccdcd4842d8690b0530e0b98643a0c6b84a3b2aa30222784b807642a764.exe
- Size
  
  37KB
- MD5
  
  635a58029ce832a74876c3ffec0c3acf
- SHA1
  
  bb00046e17cb65703a4435d6e30df21d7a185159
- SHA256
  
  dff97ccdcd4842d8690b0530e0b98643a0c6b84a3b2aa30222784b807642a764
- SHA512
  
  50186fa0f438b2d74716df89374b6f2106b7ec6d600ed62dd45bd7c6fd8875150e794d329dcebb755dc30bd21c386dd792d8fa6d3868408e26eb66142c43c7b0
- SSDEEP
  
  768:lRrgLWAeXOMhbcqnLPsJLWRvdgLoeSxLNLDWVTv4bBOaec8LPXa:3GeXOFqn7Qevd3e+taz4fec8zK
Score

10^/10

phorphiex discovery loader trojan worm evasion
- Modifies firewall policy service
  evasion
- Phorphiex family
  phorphiex
- Phorphiex payload
- Phorphiex, Phorpiex
  Phorphiex or Phorpiex Malware family which infects systems to distribute other malicious payloads such as ransomware, stealers and cryptominers.
  worm trojan loader phorphiex
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

phorphiexdiscoveryloadertrojanworm

behavioral2

phorphiexdiscoveryevasionloadertrojanworm