Behavioral task
behavioral1
Sample
C5A6211FE9AB12EB4D85BFB61E9495F5.exe
Resource
win7v20210410
windows7_x64
0 signatures
0 seconds
General
Target: C5A6211FE9AB12EB4D85BFB61E9495F5.exe
Size: 160KB
MD5: c5a6211fe9ab12eb4d85bfb61e9495f5
SHA1: 635d8c769477ea6fe801544fcfbb50e70011a29d
SHA256: cbf703cf139fbeffc482036fed72e4bcae042a92c769cbb3de5219209b56553f
SHA512: 96938398102e9c3d802d708c248832e5eea1ad0229c3e296d6260e3144ae9f8d916d415b800caca20655e7956cacf438ae692c254e3d10aa509d12bf46ba9d74
Malware Config
Extracted
Family: netwire
C2:
netno.ddns.net:6577
ddns.dbcdubai.com:6577
netsecond.duckdns.org:6577
Attributes
activex_autorun: false
activex_key:
copy_executable: false
delete_original: false
host_id: OJ
install_path:
keylogger_dir: %AppData%\Logs\
lock_executable: false
mutex: oCTboYgC
offline_keylogger: true
password: Trinidado1@
registry_autorun: false
startup_name:
use_mutex: true
Signatures
Files
-
C5A6211FE9AB12EB4D85BFB61E9495F5.exe.exe windows x86