General
Target: PaymentConfirmation.exe
Size: 390KB
Sample: 201119-1jksqs1x3x
MD5: ecc09a255547ec12aa086f06e4205a4a
SHA1: 2535e63c27cd0655d59b6c36aa06ccdb9faf1259
SHA256: 5bfba7235e133fb4c8b63e98c4b7d227e5ef5ebc44dc81c6fa95cf76fe2c22bb
SHA512: d0d00f8814bc63995ae2f2ecf473ee7c4859ffa205ad24ec1ed4bb5ee6c1b25fe58c16b048ab9b75f881abf25cad7ae12d26e691f075856610adb8465b28fa9a
Static task: static1
Behavioral task: behavioral1
Sample: PaymentConfirmation.exe
Resource: win7v20201028
Malware Config
Targets
Score: 10/10
NetWire RAT payload
Modifies service
Suspicious use of SetThreadContext