Overview

overview

10

Static

static

1

parcel.exe

windows7_x64

10

parcel.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    parcel.exe

  • Size

    387KB

  • Sample

    210304-r452sltqc6

  • MD5

    f36dbd08d89de65427f8f2474507c89c

  • SHA1

    4f7c2447d738c18e70160fb12a66e3b8913e8594

  • SHA256

    bdfb906a3a02d8a28bef1d13d0abff090bc9582373e05e5f376186e9a7c5a902

  • SHA512

    dee3bdeaf4c71fc212a66c04781d476f96bbcb9862f177ab383644137aa6993f04bd5ea9bc1e2d3055f90de7d1ca5346322d6b48fd4c3e7c46aa0c050279f20b

Score
10/10
netwirebotnetratstealer

Malware Config

Targets

    • Target

      parcel.exe

    • Size

      387KB

    • MD5

      f36dbd08d89de65427f8f2474507c89c

    • SHA1

      4f7c2447d738c18e70160fb12a66e3b8913e8594

    • SHA256

      bdfb906a3a02d8a28bef1d13d0abff090bc9582373e05e5f376186e9a7c5a902

    • SHA512

      dee3bdeaf4c71fc212a66c04781d476f96bbcb9862f177ab383644137aa6993f04bd5ea9bc1e2d3055f90de7d1ca5346322d6b48fd4c3e7c46aa0c050279f20b

    Score
    10/10
    netwirebotnetratstealer

    • NetWire RAT payload

      rat

    • Netwire

      Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.

      botnetstealernetwire

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks