netwire | 3777a3e8d9718ad94254a20ae962f68a513da63668d8621c2b93a4a582ca9573 | Triage

Submit
Reports

Overview

overview

Static

static

1

3777a3e8d9...73.exe

windows7_x64

3777a3e8d9...73.exe

windows10-2004_x64

Sharing

General

Target

3777a3e8d9718ad94254a20ae962f68a513da63668d8621c2b93a4a582ca9573
Size

149KB
Sample

220625-276tashhf2
MD5

9128ba0138be09b05ea45364e482d01d
SHA1

94b47559d6367e2f02f0002810f4cb9cee339fa1
SHA256

3777a3e8d9718ad94254a20ae962f68a513da63668d8621c2b93a4a582ca9573
SHA512

d677b5db63a188978ebd31ca5a839eedc60f6033cc13839b4df9a067afd85cbf652f1e1d9b66dcb2e699edd5b60b179c9462f74f5b389b80d5381c78a3f56db9

Score

10^/10

netwire botnet persistence rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

3777a3e8d9718ad94254a20ae962f68a513da63668d8621c2b93a4a582ca9573.exe

Resource

win7-20220414-en

netwire botnet persistence rat stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3777a3e8d9718ad94254a20ae962f68a513da63668d8621c2b93a4a582ca9573.exe

Resource

win10v2004-20220414-en

netwire botnet persistence rat stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  3777a3e8d9718ad94254a20ae962f68a513da63668d8621c2b93a4a582ca9573
- Size
  
  149KB
- MD5
  
  9128ba0138be09b05ea45364e482d01d
- SHA1
  
  94b47559d6367e2f02f0002810f4cb9cee339fa1
- SHA256
  
  3777a3e8d9718ad94254a20ae962f68a513da63668d8621c2b93a4a582ca9573
- SHA512
  
  d677b5db63a188978ebd31ca5a839eedc60f6033cc13839b4df9a067afd85cbf652f1e1d9b66dcb2e699edd5b60b179c9462f74f5b389b80d5381c78a3f56db9
Score

10^/10

netwire botnet persistence rat stealer
- NetWire RAT payload
  rat
- Netwire
  Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
  botnet stealer netwire
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

netwirebotnetpersistenceratstealer

behavioral2

netwirebotnetpersistenceratstealer

© 2018-2024

Terms | Privacy