netwire | 87c7c23ff999c80b081423d40721ee44b8bf037d26d3452030b8a0f19837f27f | Triage

Submit
Reports

Overview

overview

Static

static

5

87c7c23ff9...7f.exe

windows10_x64

Sharing

General

Target

87c7c23ff999c80b081423d40721ee44b8bf037d26d3452030b8a0f19837f27f
Size

1.1MB
Sample

210727-8t62kvl6zj
MD5

17ef31964e6b74518a5da99434b017f2
SHA1

b473541b7c253d2badd453ccce2b4a9f7565493f
SHA256

87c7c23ff999c80b081423d40721ee44b8bf037d26d3452030b8a0f19837f27f
SHA512

3d2f65fec89c66fd6562ec18c8c9b45064c6846ebe5fe11ac7cf4972d072ce398645113bfc1f5e90ba5e81f7327d16f7f6f4e790d79d7cf3ef6887bd8c39a0f5

Score

10^/10

netwire botnet rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

87c7c23ff999c80b081423d40721ee44b8bf037d26d3452030b8a0f19837f27f.exe

Resource

win10v20210408

netwire botnet rat stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  87c7c23ff999c80b081423d40721ee44b8bf037d26d3452030b8a0f19837f27f
- Size
  
  1.1MB
- MD5
  
  17ef31964e6b74518a5da99434b017f2
- SHA1
  
  b473541b7c253d2badd453ccce2b4a9f7565493f
- SHA256
  
  87c7c23ff999c80b081423d40721ee44b8bf037d26d3452030b8a0f19837f27f
- SHA512
  
  3d2f65fec89c66fd6562ec18c8c9b45064c6846ebe5fe11ac7cf4972d072ce398645113bfc1f5e90ba5e81f7327d16f7f6f4e790d79d7cf3ef6887bd8c39a0f5
Score

10^/10

netwire botnet rat stealer
- NetWire RAT payload
  rat
- Netwire
  Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
  botnet stealer netwire
- Drops startup file
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

netwirebotnetratstealer

© 2018-2024

Terms | Privacy