netwire | cd452913de86b1fe2e5ffd2489769fdc4c3900848f04481710a2e669b69d0e64 | Triage

Submit
Reports

Overview

overview

Static

static

bola.exe

windows7_x64

bola.exe

windows10_x64

Sharing

General

Target

bola.exe
Size

916KB
Sample

200713-kd7vflxwm6
MD5

b91a3a7f7fa25bdb645550906e15ba65
SHA1

6d4bb0f94257f9928d4ccdcaf6bd025b64242c72
SHA256

cd452913de86b1fe2e5ffd2489769fdc4c3900848f04481710a2e669b69d0e64
SHA512

4fe893890119a4291493825272b5032e4bbda3f105fec934f7beee57defa7b984a1361138612eb33d7c8e12726af59c9659a6fae5a1209eb2c8241df726a42dc

Score

10^/10

netwire botnet rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

bola.exe

Resource

win7

rat botnet stealer netwire

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

bola.exe

Resource

win10

rat botnet stealer netwire

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  bola.exe
- Size
  
  916KB
- MD5
  
  b91a3a7f7fa25bdb645550906e15ba65
- SHA1
  
  6d4bb0f94257f9928d4ccdcaf6bd025b64242c72
- SHA256
  
  cd452913de86b1fe2e5ffd2489769fdc4c3900848f04481710a2e669b69d0e64
- SHA512
  
  4fe893890119a4291493825272b5032e4bbda3f105fec934f7beee57defa7b984a1361138612eb33d7c8e12726af59c9659a6fae5a1209eb2c8241df726a42dc
Score

10^/10

rat botnet stealer netwire
- NetWire RAT payload
  rat
- Netwire
  Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
  botnet stealer netwire
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

ratbotnetstealernetwire

behavioral2

ratbotnetstealernetwire

© 2018-2024

Terms | Privacy