netwire | c06642bc94a8d7604ef34b33bbf2994ae789c18e3d0bd7019720294c58fe021e | Triage

Submit
Reports

Overview

overview

Static

static

8

12.msi

windows7_x64

12.msi

windows10_x64

Sharing

General

Target

12.msi
Size

240KB
Sample

210311-9caem81qms
MD5

e454beb5e1cec91e4498e8c0b0a5f08d
SHA1

37e4e481f50a7b72ef974a5c690a9cdbbadcde9a
SHA256

c06642bc94a8d7604ef34b33bbf2994ae789c18e3d0bd7019720294c58fe021e
SHA512

70329c0c264af855875c6c1511c2de8dbcbaea0a6d60139cb803158983fa58733d15ce45c5637cea3da690f4e49851731218cf5c1cc19dc49198da9d06017539

Score

10^/10

netwire botnet macro rat stealer xlm

Static task

static1

Behavioral task

behavioral1

Sample

12.msi

Resource

win7v20201028

netwire botnet rat stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

12.msi

Resource

win10v20201028

netwire botnet rat stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  12.msi
- Size
  
  240KB
- MD5
  
  e454beb5e1cec91e4498e8c0b0a5f08d
- SHA1
  
  37e4e481f50a7b72ef974a5c690a9cdbbadcde9a
- SHA256
  
  c06642bc94a8d7604ef34b33bbf2994ae789c18e3d0bd7019720294c58fe021e
- SHA512
  
  70329c0c264af855875c6c1511c2de8dbcbaea0a6d60139cb803158983fa58733d15ce45c5637cea3da690f4e49851731218cf5c1cc19dc49198da9d06017539
Score

10^/10

netwire botnet rat stealer
- NetWire RAT payload
  rat
- Netwire
  Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
  botnet stealer netwire
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

netwirebotnetratstealer

behavioral2

netwirebotnetratstealer

© 2018-2024

Terms | Privacy