General
-
Target
62387f4d55f15ea72c8d7f5d2ab1bd4029d895fe3f22d95980291b2595a658e6
-
Size
88KB
-
Sample
220217-cx76yahber
-
MD5
4546bd435f34559a7722e4e21834dab8
-
SHA1
8eb91482585aae5a333101125836439c49eb39b1
-
SHA256
62387f4d55f15ea72c8d7f5d2ab1bd4029d895fe3f22d95980291b2595a658e6
-
SHA512
d6b6f1f66f266d2bd3abb26d8cac12cbe378e74c2dbc168312e4333dde867b1a6eb3189ccea3c2b4c71258f8062bd8b8311b09f341e1db52cf8be04108553fc3
Behavioral task
behavioral1
Sample
62387f4d55f15ea72c8d7f5d2ab1bd4029d895fe3f22d95980291b2595a658e6.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
62387f4d55f15ea72c8d7f5d2ab1bd4029d895fe3f22d95980291b2595a658e6.exe
Resource
win10v2004-en-20220112
Malware Config
Extracted
netwire
go0gle.duckdns.org:4000
update.privatizehealthinsurance.net:4000
service.cable-modem.org:4000
-
activex_autorun
false
-
activex_key
-
copy_executable
false
-
delete_original
false
-
host_id
JAH JEHOVA EMMA
-
install_path
-
keylogger_dir
%AppData%\Logs\
-
lock_executable
true
-
mutex
ozowarac
-
offline_keylogger
true
-
password
Password
-
registry_autorun
false
-
startup_name
-
use_mutex
true
Targets
-
-
Target
62387f4d55f15ea72c8d7f5d2ab1bd4029d895fe3f22d95980291b2595a658e6
-
Size
88KB
-
MD5
4546bd435f34559a7722e4e21834dab8
-
SHA1
8eb91482585aae5a333101125836439c49eb39b1
-
SHA256
62387f4d55f15ea72c8d7f5d2ab1bd4029d895fe3f22d95980291b2595a658e6
-
SHA512
d6b6f1f66f266d2bd3abb26d8cac12cbe378e74c2dbc168312e4333dde867b1a6eb3189ccea3c2b4c71258f8062bd8b8311b09f341e1db52cf8be04108553fc3
Score
4/10
-