Overview

overview

10

Static

static

fGv4Ub5CXn...4h.exe

windows10_x64

10

fGv4Ub5CXn...4h.exe

windows10-2004_x64

10

fGv4Ub5CXn...4h.exe

windows11_x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fGv4Ub5CXnXURJ4g2dBLT9BUmoeKz64h.exe

  • Size

    545KB

  • Sample

    220319-gcgwgacfgk

  • MD5

    0f63a487555ec2b8bdada114f55cd2f3

  • SHA1

    a3ef0914468013a9bcf6dd6cca79b7fa18494327

  • SHA256

    854f58be2f8c4e2b9305911f908d675d14341d460218828b8c190a41f633e28d

  • SHA512

    365cddac8aa211502a44416072ff1cf2b9a3c84ed9845eda8509b69d3ffdd74e11fa7018b030a358b62dfda3d06c4a8baf0b81d36ec5dee55a36cb5199d02e04

Score
10/10
phoenixstealerspywarestealer

Malware Config

Targets

    • Target

      fGv4Ub5CXnXURJ4g2dBLT9BUmoeKz64h.exe

    • Size

      545KB

    • MD5

      0f63a487555ec2b8bdada114f55cd2f3

    • SHA1

      a3ef0914468013a9bcf6dd6cca79b7fa18494327

    • SHA256

      854f58be2f8c4e2b9305911f908d675d14341d460218828b8c190a41f633e28d

    • SHA512

      365cddac8aa211502a44416072ff1cf2b9a3c84ed9845eda8509b69d3ffdd74e11fa7018b030a358b62dfda3d06c4a8baf0b81d36ec5dee55a36cb5199d02e04

    Score
    10/10
    phoenixstealerspywarestealer

    • PhoenixStealer

      PhoenixStealer is an information stealer written in the C++, it sends the stolen information to cybercriminals.

      stealerphoenixstealer

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

      spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

2
T1081

Discovery

Lateral Movement

Collection

Data from Local System

2
T1005

Exfiltration

Command and Control

Impact

Tasks