General
-
Target
IMAGE2102100021110001.js
-
Size
7KB
-
Sample
210303-7raq84zzea
-
MD5
8a3dfd884399d98c9e5b25fc5cc14628
-
SHA1
376db27f44dcb2e76d70407f9bb1bb0c3a9d8185
-
SHA256
717c8e21ae8aac9685a43722d18bcb6746875654fdefba88250c5c2fe6ce4ace
-
SHA512
07633ce6257057461b47e962fba7dbffc6e96cf1f74354567baabe1fb6ef744d8b7f49c7e083dd0a291666ffbf8d7aa29d6676c14522ef110c82e3248f11fa57
Malware Config
Targets
-
-
Target
IMAGE2102100021110001.js
-
Size
7KB
-
MD5
8a3dfd884399d98c9e5b25fc5cc14628
-
SHA1
376db27f44dcb2e76d70407f9bb1bb0c3a9d8185
-
SHA256
717c8e21ae8aac9685a43722d18bcb6746875654fdefba88250c5c2fe6ce4ace
-
SHA512
07633ce6257057461b47e962fba7dbffc6e96cf1f74354567baabe1fb6ef744d8b7f49c7e083dd0a291666ffbf8d7aa29d6676c14522ef110c82e3248f11fa57
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-