General
-
Target
IRS-TAX.exe
-
Size
390KB
-
Sample
210304-rv8qk7jzw2
-
MD5
48d8ed92f64e8f595d4e61962d93d89e
-
SHA1
5a2fc1c48209ecd1301a1c98bedec49a056a533c
-
SHA256
9fedb9fe35eae9739d319565aed4cbd16325242f8815cdf21d12d02e5601109d
-
SHA512
96e62dfe42a9351a4f476c1731094ade50915350a1730487e535b1e17c925dc38e1ee36c08b34bade558fd5f6e12b34462b3683cc6026ae1195af9b66355ff12
Static task
static1
Behavioral task
behavioral1
Sample
IRS-TAX.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
IRS-TAX.exe
-
Size
390KB
-
MD5
48d8ed92f64e8f595d4e61962d93d89e
-
SHA1
5a2fc1c48209ecd1301a1c98bedec49a056a533c
-
SHA256
9fedb9fe35eae9739d319565aed4cbd16325242f8815cdf21d12d02e5601109d
-
SHA512
96e62dfe42a9351a4f476c1731094ade50915350a1730487e535b1e17c925dc38e1ee36c08b34bade558fd5f6e12b34462b3683cc6026ae1195af9b66355ff12
-
NetWire RAT payload
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-