General
Target: 9cdb3ec1accd17e884e8ed76d8789b2b
Size: 459KB
Sample: 201117-r2dac44wsx
MD5: 95b26096376f1a1624581f3203a05f4d
SHA1: 5e885913d272cb5912bd2bbb1f84be93ac09bf52
SHA256: 3cb34cca32bb4aea5625d0760bd6c51f71695c7bb2c11e465c24a31efbfba6cf
SHA512: c49bb53a7e180761011fad7f3b987ced91e52715bc27382c7600d086bfbcb893c21361028941b29b2fb0e6abe2da47a79a222098efc8801ed6f218def7599f53
Static task: static1
Behavioral task: behavioral1
Sample: 9cdb3ec1accd17e884e8ed76d8789b2b.exe
Resource: win7v20201028
Malware Config
Targets
Target: 9cdb3ec1accd17e884e8ed76d8789b2b
- NetWire RAT payload
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext