General
-
Target
IMAGE2102100021110001.js
-
Size
7KB
-
Sample
210303-7raq84zzea
-
MD5
8a3dfd884399d98c9e5b25fc5cc14628
-
SHA1
376db27f44dcb2e76d70407f9bb1bb0c3a9d8185
-
SHA256
717c8e21ae8aac9685a43722d18bcb6746875654fdefba88250c5c2fe6ce4ace
-
SHA512
07633ce6257057461b47e962fba7dbffc6e96cf1f74354567baabe1fb6ef744d8b7f49c7e083dd0a291666ffbf8d7aa29d6676c14522ef110c82e3248f11fa57
Static task
static1
Behavioral task
behavioral1
Sample
IMAGE2102100021110001.js
Resource
win7v20201028
Malware Config
Targets
-
-
Target
IMAGE2102100021110001.js
-
Size
7KB
-
MD5
8a3dfd884399d98c9e5b25fc5cc14628
-
SHA1
376db27f44dcb2e76d70407f9bb1bb0c3a9d8185
-
SHA256
717c8e21ae8aac9685a43722d18bcb6746875654fdefba88250c5c2fe6ce4ace
-
SHA512
07633ce6257057461b47e962fba7dbffc6e96cf1f74354567baabe1fb6ef744d8b7f49c7e083dd0a291666ffbf8d7aa29d6676c14522ef110c82e3248f11fa57
-
NetWire RAT payload
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-