General

  • Target

    F27164CA71AB7C3F37423A20D80B82C4.exe

  • Size

    160KB

  • Sample

    210630-8n2dt5hlda

  • MD5

    f27164ca71ab7c3f37423a20d80b82c4

  • SHA1

    234f4c22fc1e435effd208c3b8276f8e65299e57

  • SHA256

    ef9d94b683a4354982f31afb73185d5d47d50b908168b0e612f7895eb4e0d757

  • SHA512

    48be2da1096409aa387294b49dc3d61cee4c15f242c9f148cb062c925f0072ea814046f7c6ac1e4eb3f95f53d8dca131d48e0cdbb1fee3abd7bac46aba3c52b9

Malware Config

Extracted

Family

netwire

C2

144.91.120.8:1440

Attributes
  • activex_autorun

    false

  • activex_key

  • copy_executable

    false

  • delete_original

    false

  • host_id

    HostId-%Rand%

  • install_path

  • keylogger_dir

  • lock_executable

    false

  • mutex

  • offline_keylogger

    false

  • password

    Password123

  • registry_autorun

    false

  • startup_name

  • use_mutex

    false

Targets

    • Target

      F27164CA71AB7C3F37423A20D80B82C4.exe


    Score
    10/10
    • Netwire

      Netwire is a RAT whose main functionality is focused on password stealing and keylogging, but it also includes remote control capabilities.
