FedEx Shipment.exe
738KB
210305-znfhyn4yqn
20e5be824638df2b4f86520d5a5a0cad
5e3a464ce7ebaf297438e52dd6c9eaf374217eed
cef2f777b4c29a5ced187382e3c0a0ee61d4c71471fc5d100b78a4e88f4324de
238b8f441a6d5c17c407ff254928bb17ef7ed06143a23187842f9ab3012263913055672ea67c32351f2be9d2b2fa6f7e0a2a7af2260514870418dcf19fc11a11
Signatures
-
NetWire RAT payload
-
Netwire
Description
Netwire is a RAT whose main functionality is focused on password stealing and keylogging, but it also includes remote control capabilities.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext