General
-
Target
X2.exe
-
Size
1.8MB
-
Sample
201209-e7cl23sbwn
-
MD5
36f108b320d0b177b1fb3e20fb917cb1
-
SHA1
a3a40037b451c4d25758eec72009e703f1f80534
-
SHA256
ac5172fa3b434962c4f2e12b9c47dfd29a939b1d15c358ead485c4843ae065aa
-
SHA512
9e97b0984a711244e5783dd772490a12858557a4c4dc677f5f1189e92d4232db48e5e56471fd0af3e78b2cd801ac34df4b71bceba84d26fe76e3b15ae109bd62
Static task
static1
Behavioral task
behavioral1
Sample
X2.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
X2.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
X2.exe
-
Size
1.8MB
-
MD5
36f108b320d0b177b1fb3e20fb917cb1
-
SHA1
a3a40037b451c4d25758eec72009e703f1f80534
-
SHA256
ac5172fa3b434962c4f2e12b9c47dfd29a939b1d15c358ead485c4843ae065aa
-
SHA512
9e97b0984a711244e5783dd772490a12858557a4c4dc677f5f1189e92d4232db48e5e56471fd0af3e78b2cd801ac34df4b71bceba84d26fe76e3b15ae109bd62
Score10/10-
NetWire RAT payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
JavaScript code in executable
-
Suspicious use of SetThreadContext
-