General
-
Target
SecuriteInfo.com.Trojan.Win32.Save.a.30596.12305
-
Size
731KB
-
Sample
210304-9y4vvh6avn
-
MD5
6b33065b314dbb152d798237de373550
-
SHA1
4c654b9f7b2298d213048f6523f7dbd21c1cc64b
-
SHA256
7915d92e56a86feb90323274532ccfefef357210f840b5dac3999399e7255193
-
SHA512
b51d5e2644dc7a0cb0cfdf0fb2a98c5ad5c604366d584ded312f9d2cad18465d9d77ed4f8df8444ccdc79a6bce84a6b89de48531a1b9de15a46c71ee712ba457
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.Win32.Save.a.30596.12305.exe
Resource
win7v20201028
Malware Config
Targets
-
Target
SecuriteInfo.com.Trojan.Win32.Save.a.30596.12305
-
NetWire RAT payload
-
Drops startup file
-
Suspicious use of SetThreadContext