phorphiex | 764b5037aa551fc0a9feb30b213e04605cba3babc5ec301d9cd4a50e88311618 | Triage

Sharing

General

Target

file.exe
Size

20KB
Sample

250415-ylewxazpy8
MD5

ad89dd0ccbc6cfdea9c01d3ed1e37222
SHA1

032e14839589a0e72414dffb1c11f29710a120db
SHA256

764b5037aa551fc0a9feb30b213e04605cba3babc5ec301d9cd4a50e88311618
SHA512

848d64ffcae8fc4136ba82b61d08d4c15ea693ee8e9360b1236c73cd8086631474f4ff5211977869228bfee35fea64b97fecf9145586149dee4e952c84d69629
SSDEEP

384:wc0WLc01PcOA/UkeG/ibYTJ4JVB0TjztSSR:B5PcOUUHYAIf

Score

10^/10

phorphiex discovery spyware stealer

Malware Config

Extracted

Family

phorphiex

C2

185.215.113.66

Attributes

mutex
97575947

Targets

- Target
  
  file.exe
- Size
  
  20KB
- MD5
  
  ad89dd0ccbc6cfdea9c01d3ed1e37222
- SHA1
  
  032e14839589a0e72414dffb1c11f29710a120db
- SHA256
  
  764b5037aa551fc0a9feb30b213e04605cba3babc5ec301d9cd4a50e88311618
- SHA512
  
  848d64ffcae8fc4136ba82b61d08d4c15ea693ee8e9360b1236c73cd8086631474f4ff5211977869228bfee35fea64b97fecf9145586149dee4e952c84d69629
- SSDEEP
  
  384:wc0WLc01PcOA/UkeG/ibYTJ4JVB0TjztSSR:B5PcOUUHYAIf
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer