General
-
Target
b325c03e9582b83c544796f4518fa68b93053b1d21079049f9a8ddf6700a392a.bin
-
Size
1.2MB
-
Sample
210719-e1vp3asjpa
-
MD5
2d619dfd3178ee2ffbcfc488c1211d4f
-
SHA1
971cf6179b962d3612d0aff277960e0638017401
-
SHA256
b325c03e9582b83c544796f4518fa68b93053b1d21079049f9a8ddf6700a392a
-
SHA512
0611fd9ec274528b0b1a993291bfcec35e9aabb54203855b524cccc70e582958686239cce33c1c01427cc5d8a3baeb13d753c03feaf00b856a72742808f0c7fe
Static task
static1
Behavioral task
behavioral1
Sample
b325c03e9582b83c544796f4518fa68b93053b1d21079049f9a8ddf6700a392a.bin.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
b325c03e9582b83c544796f4518fa68b93053b1d21079049f9a8ddf6700a392a.bin.exe
Resource
win10v20210408
Malware Config
Targets
-
-
Target
b325c03e9582b83c544796f4518fa68b93053b1d21079049f9a8ddf6700a392a.bin
-
Size
1.2MB
-
MD5
2d619dfd3178ee2ffbcfc488c1211d4f
-
SHA1
971cf6179b962d3612d0aff277960e0638017401
-
SHA256
b325c03e9582b83c544796f4518fa68b93053b1d21079049f9a8ddf6700a392a
-
SHA512
0611fd9ec274528b0b1a993291bfcec35e9aabb54203855b524cccc70e582958686239cce33c1c01427cc5d8a3baeb13d753c03feaf00b856a72742808f0c7fe
Score10/10-
NetWire RAT payload
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-