phorphiex | a6d2dd414aa8a5eee984b23050cdafa465e8dc33f2646020c3af92acddfc24e5 | Triage

Sharing

General

Target

a6d2dd414aa8a5eee984b23050cdafa465e8dc33f2646020c3af92acddfc24e5N.exe
Size

37KB
Sample

241219-dxzegawnem
MD5

40c9b1d98b3981232c1dd085e0900cc0
SHA1

dce689cd745a9143c8b76605771d7eec2f4f2ea0
SHA256

a6d2dd414aa8a5eee984b23050cdafa465e8dc33f2646020c3af92acddfc24e5
SHA512

0c1e84f1e6ea6757b7c01d97b5f71b46fd1040338126ee1484b46df86c4d04b853cdf0d32576265e8782e2309838557620461eada1aa3ab3d3622de46d5e7fe3
SSDEEP

768:lRrgLWAeXOMhbcqnLPsJLWRvdgLoeSxLNLDWVTv4bBOaec8LPX:3GeXOFqn7Qevd3e+taz4fec8z

Score

10^/10

phorphiex discovery evasion loader trojan worm

Malware Config

Targets

- Target
  
  a6d2dd414aa8a5eee984b23050cdafa465e8dc33f2646020c3af92acddfc24e5N.exe
- Size
  
  37KB
- MD5
  
  40c9b1d98b3981232c1dd085e0900cc0
- SHA1
  
  dce689cd745a9143c8b76605771d7eec2f4f2ea0
- SHA256
  
  a6d2dd414aa8a5eee984b23050cdafa465e8dc33f2646020c3af92acddfc24e5
- SHA512
  
  0c1e84f1e6ea6757b7c01d97b5f71b46fd1040338126ee1484b46df86c4d04b853cdf0d32576265e8782e2309838557620461eada1aa3ab3d3622de46d5e7fe3
- SSDEEP
  
  768:lRrgLWAeXOMhbcqnLPsJLWRvdgLoeSxLNLDWVTv4bBOaec8LPX:3GeXOFqn7Qevd3e+taz4fec8z
Score

10^/10

phorphiex discovery loader trojan worm evasion
- Modifies firewall policy service
  evasion
- Phorphiex family
  phorphiex
- Phorphiex payload
- Phorphiex, Phorpiex
  Phorphiex or Phorpiex Malware family which infects systems to distribute other malicious payloads such as ransomware, stealers and cryptominers.
  worm trojan loader phorphiex
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

phorphiexdiscoveryloadertrojanworm

behavioral2

phorphiexdiscoveryevasionloadertrojanworm