General
Target: PaymentConformation.exe
Size: 433KB
Sample: 201119-827d3tm8l6
MD5: 01ab21e031e660ecf392be7d5c1fa62b
SHA1: 714a081ddcd9cfc1bfaed0969866d87c11c34c6a
SHA256: 060ef35b985d05b93d0e647a68cdbb83d651a8b5fb36b234c94f3181d2d30aa3
SHA512: 635852a7824e0dca60181b027ff580875d087491cc8093111d7f4f1a668ec51e94f32642b4913720ed93b8d491ae5073c7462b2cfde5484e32475980ca5983b7
Static task: static1
Behavioral task: behavioral1
Sample: PaymentConformation.exe
Resource: win7v20201028
Malware Config
Targets
Target: PaymentConformation.exe
Score: 10/10
NetWire RAT payload
Modifies service
Suspicious use of SetThreadContext