General
Target: e7cddae953978be6b45011ccbde76cc209eb1bfb3976ba9e214a37df62e3e145
Size: 496KB
Sample: 220521-xxmkfscge2
MD5: 2e949fbd641fbb0b7a2faa128ddd3540
SHA1: eac22a028a62c18391a452850d9c42fbb19b7fb8
SHA256: e7cddae953978be6b45011ccbde76cc209eb1bfb3976ba9e214a37df62e3e145
SHA512: 93d326fc1f0bdace236773275b0969dc191e98979e6f353567bf8ca5479773bf8c811dd9b292136a6a1f2aa0999988c79567ef41f75dde5243ebd628582c1d78
Static task: static1
Behavioral task: behavioral1
Sample: e7cddae953978be6b45011ccbde76cc209eb1bfb3976ba9e214a37df62e3e145.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: e7cddae953978be6b45011ccbde76cc209eb1bfb3976ba9e214a37df62e3e145.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Score: 10/10
NetWire RAT payload
Modifies Installed Components in the registry
Adds Run key to start application
Suspicious use of SetThreadContext