netwire | 1a4ea9c422e80abe0f0abd7cbc73e3070b0345d2e9ab5ff57840230240f10f47 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

nxxt.exe

windows7_x64

nxxt.exe

windows10_x64

Sharing

General

Target

nxxt.exe
Size

338KB
Sample

200710-r8emdy8jan
MD5

5a68d27a6d644b88a59ae764acaad552
SHA1

24f135bf0c8e0db609a39fc2a5b68e644ed1ce7c
SHA256

1a4ea9c422e80abe0f0abd7cbc73e3070b0345d2e9ab5ff57840230240f10f47
SHA512

191b216e498e1ea68d4f61b506ea08e9f4852461bb9324febbd527a16dc4eb610f43a1457e8f2482874f6b634aaadad46c20baf2944871c40f894226e3f59783

Score

10^/10

netwire botnet rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

nxxt.exe

Resource

win7v200430

rat botnet stealer netwire

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

nxxt.exe

Resource

win10v200430

rat botnet stealer netwire

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  nxxt.exe
- Size
  
  338KB
- MD5
  
  5a68d27a6d644b88a59ae764acaad552
- SHA1
  
  24f135bf0c8e0db609a39fc2a5b68e644ed1ce7c
- SHA256
  
  1a4ea9c422e80abe0f0abd7cbc73e3070b0345d2e9ab5ff57840230240f10f47
- SHA512
  
  191b216e498e1ea68d4f61b506ea08e9f4852461bb9324febbd527a16dc4eb610f43a1457e8f2482874f6b634aaadad46c20baf2944871c40f894226e3f59783
Score

10^/10

rat botnet stealer netwire
- NetWire RAT payload
  rat
- Netwire
  Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
  botnet stealer netwire
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

ratbotnetstealernetwire

behavioral2

ratbotnetstealernetwire

© 2018-2025

Terms | Privacy