General
-
Target
SecuriteInfo.com.Program.Win32.Wacapew.Cml.7225.2383
-
Size
939KB
-
Sample
210603-qtrsstzven
-
MD5
eddc29896f0f6dc74fb9746d22be40cb
-
SHA1
9a94123aaa7c0aa998d2eb09a74e20cf9f1d9715
-
SHA256
0fda1a21ab1ba27664e58228ab32452ed711d4ae1713deadbe20aac8cf193041
-
SHA512
c2ae7e4d58e0c0ffc58a5c8e2fa3322e217fa67d831301e2aaf88ae62b07677abc2c9ea3df22578114852c107c39d06f255e65014b4b414b57405d8036b856a2
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Program.Win32.Wacapew.Cml.7225.2383.exe
Resource
win7v20210410
Malware Config
Extracted
netwire
sipex2021.ddns.net:8753
-
activex_autorun
false
-
activex_key
-
copy_executable
false
-
delete_original
false
-
host_id
HostId-%Rand%
-
install_path
-
keylogger_dir
%AppData%\Logs\
-
lock_executable
false
-
mutex
-
offline_keylogger
true
-
password
Password
-
registry_autorun
false
-
startup_name
-
use_mutex
false
Targets
-
Target
SecuriteInfo.com.Program.Win32.Wacapew.Cml.7225.2383
-
NetWire RAT payload
-
Suspicious use of SetThreadContext
-