General
-
Target
450f463616026025f68295b9a3dd365f
-
Size
779KB
-
Sample
210915-hw8nzadbaq
-
MD5
450f463616026025f68295b9a3dd365f
-
SHA1
440c0e1d874ebd9c3f86b672f24b39d7c857baa3
-
SHA256
c96f0650573130180a039e7b9d66d11e18c97c9fe96c732f2d5fdbcb05a140eb
-
SHA512
7fb9e37bb037f48779b508863f9dacd9714214adc4642619978b9cf90cd19311ad0f122512a41e4d91ad55bd25d7f076266e93f60cfb9df7e8cf325149d4b76f
Malware Config
Extracted
netwire
176.107.178.179:5218
134.19.179.147:5214
139.28.36.101:5218
-
activex_autorun
false
- activex_key
-
copy_executable
false
-
delete_original
false
-
host_id
31-Aug
- install_path
-
keylogger_dir
%AppData%\Local\Nets\
-
lock_executable
true
-
mutex
iXSIGucL
-
offline_keylogger
true
-
password
Password
-
registry_autorun
false
- startup_name
-
use_mutex
true
Targets
-
-
Target
450f463616026025f68295b9a3dd365f
-
Size
779KB
-
MD5
450f463616026025f68295b9a3dd365f
-
SHA1
440c0e1d874ebd9c3f86b672f24b39d7c857baa3
-
SHA256
c96f0650573130180a039e7b9d66d11e18c97c9fe96c732f2d5fdbcb05a140eb
-
SHA512
7fb9e37bb037f48779b508863f9dacd9714214adc4642619978b9cf90cd19311ad0f122512a41e4d91ad55bd25d7f076266e93f60cfb9df7e8cf325149d4b76f
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Adds Run key to start application
-