General
-
Target
DHL Document.lzh
-
Size
538KB
-
Sample
210304-grdzkmqgl2
-
MD5
5c31e3d731558a4682eab307d4986aef
-
SHA1
ae146c1cfa1343923f9f65cdd47ed97778a67bc4
-
SHA256
b425700f72941ce47b2f4952e2a57bf86fdb71564c2497d3f87dad75a3ef9967
-
SHA512
876283289c5b395844404fe9f799732f85121a8b1e3e4484bf8e5524f52adc0705b2a749b9526a71389e258d4088315b3acf1dc8a29eb2ecf2c2bf38f9b43caa
Malware Config
Targets
-
-
Target
DHL Document.exe
-
Size
1.1MB
-
MD5
92900a9f09ad28e0e6068988f85383c4
-
SHA1
d2088728af43a30bd69fd4bff9db5e9a6f54d55c
-
SHA256
73429ed369e556843e28f21b233a49aa9cc7b55d36c5be69f3745a75d17eaf1f
-
SHA512
77ff1b0a1d99f92204955a60599953965292ead8dc41c2b993a4c522350eeb50efead8fcc7500d72e823b04efa6165e750fcc5f5f793f8af192252cebc354d40
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Suspicious use of SetThreadContext
-