General

  • Target

    5e7f47464b5bbd59babb9adc9fea3ca08a7cd8e1874f977b067b78313790d5a1

  • Size

    169KB

  • MD5

    405015782aaf62d1169c254030d66fdb

  • SHA1

    29d4c65b814ba75f14211381ce20e6b58a912108

  • SHA256

    5e7f47464b5bbd59babb9adc9fea3ca08a7cd8e1874f977b067b78313790d5a1

  • SHA512

    3ffd1f482975a57d4c310ab7374f80928ec4c20c68d0640d984b3577e93e7457b2fb2629f134092025702271659457b85228845b2eede7a1d5103680d6b87409

  • SSDEEP

    3072:jOzPcXa+ND32eioGHlz8rnAE0HCXh0edLv/YMjMqqDvFfOpIs:jOTcK+NrRioGHlz8rz0i//zQqqDvFfOl

Score
10/10

Malware Config

Extracted

Family

netwire

C2

66.154.103.106:13377

Attributes
  • activex_autorun

    false

  • activex_key

  • copy_executable

    false

  • delete_original

    false

  • host_id

    myphone

  • install_path

  • keylogger_dir

  • lock_executable

    false

  • mutex

  • offline_keylogger

    false

  • password

    Password

  • registry_autorun

    false

  • startup_name

  • use_mutex

    false

Signatures

  • NetWire RAT payload 1 IoCs
  • Netwire family

Files

  • 5e7f47464b5bbd59babb9adc9fea3ca08a7cd8e1874f977b067b78313790d5a1
    .exe windows x86

    4563c74acbd357d386b177e402b96ce4

