General
Target: 10270751935c774658b5a8e956aa9ca1
Size: 601KB
Sample: 201117-8gqw9gz8pj
MD5: 10270751935c774658b5a8e956aa9ca1
SHA1: 11b88927bb06b9b661e9cd11c7d08116f64cbf12
SHA256: 2b4569753be7e894aff4079e30581195d611e123a77ddb5115e05d15f16ed887
SHA512: 80fe034bcbc2a5aeecaab2c54594d399964d4f5ff73ea9f14f8e1a6be1b070ca11dd8e6f38cecd0e61b8a115a2efe8d52fb9767fe2c97967e4046dd3f08d361e
Static task: static1
Behavioral task: behavioral1
Sample: 10270751935c774658b5a8e956aa9ca1.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 10270751935c774658b5a8e956aa9ca1.exe
Resource: win10v20201028
Malware Config
Targets
Target: 10270751935c774658b5a8e956aa9ca1
Score: 10/10
NetWire RAT payload
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext