e7cddae953978be6b45011ccbde76cc209eb1bfb3976ba9e214a37df62e3e145
e7cddae953978be6b45011ccbde76cc209eb1bfb3976ba9e214a37df62e3e145
496KB
220521-xxmkfscge2
2e949fbd641fbb0b7a2faa128ddd3540
eac22a028a62c18391a452850d9c42fbb19b7fb8
e7cddae953978be6b45011ccbde76cc209eb1bfb3976ba9e214a37df62e3e145
93d326fc1f0bdace236773275b0969dc191e98979e6f353567bf8ca5479773bf8c811dd9b292136a6a1f2aa0999988c79567ef41f75dde5243ebd628582c1d78
Tags
Signatures
-
NetWire RAT payload
-
Netwire
Description
Netwire is a RAT whose main functionality is focused on password stealing and keylogging, but it also includes remote control capabilities.
Tags
-
Modifies Installed Components in the registry
Tags
TTPs
-
Adds Run key to start application
Tags
TTPs
-
Suspicious use of SetThreadContext