General
-
Target
TNT TRACKING DETAILS.exe
-
Size
298KB
-
Sample
210107-dybvyenltj
-
MD5
cb35b37456ce49e77239d5225900686b
-
SHA1
5e87cdd7a939828fb9772cf5e9baef6184549bea
-
SHA256
9d84b1d50b931d6ef5a0b45ca33fe995dab90bc05181b2d2cd5f996fa2bc7c1c
-
SHA512
de3332bd3cf13bb96c9f309c6914395339aa45e56339ae291307cfbdbcd22005cd4b9b36888901b9c9be6ab63b7e88134151aaf375920593401053c0296f91a9
Malware Config
Targets
-
-
Target
TNT TRACKING DETAILS.exe
-
Size
298KB
-
MD5
cb35b37456ce49e77239d5225900686b
-
SHA1
5e87cdd7a939828fb9772cf5e9baef6184549bea
-
SHA256
9d84b1d50b931d6ef5a0b45ca33fe995dab90bc05181b2d2cd5f996fa2bc7c1c
-
SHA512
de3332bd3cf13bb96c9f309c6914395339aa45e56339ae291307cfbdbcd22005cd4b9b36888901b9c9be6ab63b7e88134151aaf375920593401053c0296f91a9
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
ServiceHost packer
Detects ServiceHost packer used for .NET malware
-
Suspicious use of SetThreadContext
-