Overview

overview

10

Static

static

DigiCertUtil.exe

windows7_x64

10

DigiCertUtil.exe

windows10_x64

4

Sharing

Copy URL
Twitter E-mail

General

  • Target

    DigiCertUtil.exe

  • Size

    3.1MB

  • Sample

    211021-leq95saah2

  • MD5

    cd08f5aee51ce2ef2d4b1bd567adac90

  • SHA1

    32ebfee9645f42c3719101df980832eccd24ee4c

  • SHA256

    20229d2217d12e73f130c72645d7edf384c630973775d9f38326dfee0295cb12

  • SHA512

    78d3c08da6f854774498f257e0a5479245376cda115773a47bfb3b621db6a0e132ad3539237bb09336f0de7b34bbf42e24c53fb02ef450edf430f2d7cf245424

Score
10/10
netwirebotnetstealer

Malware Config

Targets

    • Target

      DigiCertUtil.exe

    • Size

      3.1MB

    • MD5

      cd08f5aee51ce2ef2d4b1bd567adac90

    • SHA1

      32ebfee9645f42c3719101df980832eccd24ee4c

    • SHA256

      20229d2217d12e73f130c72645d7edf384c630973775d9f38326dfee0295cb12

    • SHA512

      78d3c08da6f854774498f257e0a5479245376cda115773a47bfb3b621db6a0e132ad3539237bb09336f0de7b34bbf42e24c53fb02ef450edf430f2d7cf245424

    Score
    10/10
    netwirebotnetstealer

    • Netwire

      Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.

      botnetstealernetwire
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks