General

  • Target

    860dec801ec22d2e86149d57ad8b367efa864edfeb0fb6766e392b485e16da53

  • Size

    160KB

  • Sample

    220217-aa91xaefd9

  • MD5

    1f9b9014668b7ce934a8e5fcac69cd56

  • SHA1

    18f4f94fd9d5d88df886fc60f57272ba54b8570c

  • SHA256

    860dec801ec22d2e86149d57ad8b367efa864edfeb0fb6766e392b485e16da53

  • SHA512

    e72f5b8e6c1c207df6c0ce520e5b927c0760181e26362c1261ae37b70e6c67d6852552da27cec5d18c6cbc2d46e151e308b057775f7144496f11803e691e6b8f

Malware Config

Extracted

Family

netwire

C2

80.66.76.75:3360

Attributes
  • activex_autorun

    false

  • activex_key

  • copy_executable

    false

  • delete_original

    false

  • host_id

    HostId-%Rand%

  • install_path

  • keylogger_dir

  • lock_executable

    false

  • mutex

  • offline_keylogger

    false

  • password

    Password

  • registry_autorun

    false

  • startup_name

  • use_mutex

    false

Targets

    Score
    10/10
    • Netwire

      Netwire is a RAT whose main functionality is focused on password stealing and keylogging, but it also includes remote control capabilities.
