netwire | 7915d92e56a86feb90323274532ccfefef357210f840b5dac3999399e7255193 | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...05.exe

windows7_x64

SecuriteIn...05.exe

windows10_x64

Sharing

General

Target

SecuriteInfo.com.Trojan.Win32.Save.a.30596.12305
Size

731KB
Sample

210304-9y4vvh6avn
MD5

6b33065b314dbb152d798237de373550
SHA1

4c654b9f7b2298d213048f6523f7dbd21c1cc64b
SHA256

7915d92e56a86feb90323274532ccfefef357210f840b5dac3999399e7255193
SHA512

b51d5e2644dc7a0cb0cfdf0fb2a98c5ad5c604366d584ded312f9d2cad18465d9d77ed4f8df8444ccdc79a6bce84a6b89de48531a1b9de15a46c71ee712ba457

Score

10^/10

netwire botnet rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Trojan.Win32.Save.a.30596.12305.exe

Resource

win7v20201028

netwire botnet rat stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Trojan.Win32.Save.a.30596.12305.exe

Resource

win10v20201028

netwire botnet rat stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Trojan.Win32.Save.a.30596.12305
- Size
  
  731KB
- MD5
  
  6b33065b314dbb152d798237de373550
- SHA1
  
  4c654b9f7b2298d213048f6523f7dbd21c1cc64b
- SHA256
  
  7915d92e56a86feb90323274532ccfefef357210f840b5dac3999399e7255193
- SHA512
  
  b51d5e2644dc7a0cb0cfdf0fb2a98c5ad5c604366d584ded312f9d2cad18465d9d77ed4f8df8444ccdc79a6bce84a6b89de48531a1b9de15a46c71ee712ba457
Score

10^/10

netwire botnet rat stealer
- NetWire RAT payload
  rat
- Netwire
  Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
  botnet stealer netwire
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

netwirebotnetratstealer

behavioral2

netwirebotnetratstealer

© 2018-2024

Terms | Privacy