General

  • Target

    3c7e44e2b240655a3f18fde494d90ba07478b3e28f0161f63ecfd48049a7d554

  • Size

    434KB

  • Sample

    220520-qahjnafgdk

  • MD5

    97c8146c10d533dacaaca193761b1c98

  • SHA1

    dff81aa37ff7d60095615682ded6490f188ae959

  • SHA256

    3c7e44e2b240655a3f18fde494d90ba07478b3e28f0161f63ecfd48049a7d554

  • SHA512

    e387b91b904e4d29de77c196cf32541b26e968341be4011b386504f47c737ad066bba23b428464a2f2ca516c5f9fc1f88d14e25c5dfc497f4a3bb9c1f72038d4

Malware Config

Targets

    • NetWire RAT payload

    • Netwire

      Netwire is a RAT whose main functionality is focused on password stealing and keylogging, but it also includes remote control capabilities.

    • Blocklisted process makes network request

    • Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Discovery

System Information Discovery

1
T1082

Tasks