General
-
Target
DHL Documents.zip
-
Size
4KB
-
Sample
210303-pkpcpwm26e
-
MD5
532f9cd20fc55f6bc05080b39be3bcdf
-
SHA1
372f93d1f68b0af393f6e43c2ff289b73c3fb50d
-
SHA256
4bb4b8edf4873f8c3416d4a7c76fc38f45eb3aae31b4fd1569cb3cff081796f9
-
SHA512
46c16932719963d5bcbade28790b86f8361189c6510269738839d46b4620e060a14ded8e76f9b4f02e8d9e38d2e60b87c1b484879771f53279cbd0fca629373a
Malware Config
Targets
-
-
Target
IMAGE2102100021110001.js
-
Size
7KB
-
MD5
8a3dfd884399d98c9e5b25fc5cc14628
-
SHA1
376db27f44dcb2e76d70407f9bb1bb0c3a9d8185
-
SHA256
717c8e21ae8aac9685a43722d18bcb6746875654fdefba88250c5c2fe6ce4ace
-
SHA512
07633ce6257057461b47e962fba7dbffc6e96cf1f74354567baabe1fb6ef744d8b7f49c7e083dd0a291666ffbf8d7aa29d6676c14522ef110c82e3248f11fa57
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-
-
-
Target
Receipt.js
-
Size
7KB
-
MD5
8a3dfd884399d98c9e5b25fc5cc14628
-
SHA1
376db27f44dcb2e76d70407f9bb1bb0c3a9d8185
-
SHA256
717c8e21ae8aac9685a43722d18bcb6746875654fdefba88250c5c2fe6ce4ace
-
SHA512
07633ce6257057461b47e962fba7dbffc6e96cf1f74354567baabe1fb6ef744d8b7f49c7e083dd0a291666ffbf8d7aa29d6676c14522ef110c82e3248f11fa57
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-