Behavioral task: behavioral1
Sample: netwire.exe
Resource: win7v20210410, windows7_x64
0 signatures
0 seconds

Behavioral task: behavioral2
Sample: netwire.exe
Resource: win10v20210408, windows10_x64
0 signatures
0 seconds

General
Target: netwire.exe
Size: 160KB
MD5: d6767cc7cdce715557846a82d03f5d9a
SHA1: 7abd865e995f2814acf232f6526724a1492908dc
SHA256: bddb7252c2d691e0888558115054bf0643132547fd69aab2704a6f2d0d4c310b
SHA512: 669095b6a2197bd6d6eb0396f1cb4713d6b01639792fbc410b7ed1e3bd4ce1f336da29d8796d6f4b6a24f3e3a14fc17c60241adfcebd4e4a8e0ab0cc3d87092c

Malware Config
Extracted
Family: netwire
C2:
185.244.30.43:1776
185.244.30.43:1660
Attributes:
activex_autorun: false
activex_key:
copy_executable: true
delete_original: false
host_id: HostId-%Rand%
install_path: %AppData%\Install\Host.exe
keylogger_dir: %AppData%\Logs\
lock_executable: false
mutex: tGWLMrlt
offline_keylogger: true
password: vk12345
registry_autorun: true
startup_name: Firefoxx
use_mutex: true

Signatures
Files
-
netwire.exe.exe windows x86