netwire | 399606ebfd62278c7f2d818bbc93d0005b320bc42d79a8356f4683404a76e9ff | Triage

Submit
Reports

Overview

overview

Static

static

399606ebfd...ff.exe

windows7_x64

399606ebfd...ff.exe

windows10-2004_x64

Sharing

General

Target

399606ebfd62278c7f2d818bbc93d0005b320bc42d79a8356f4683404a76e9ff
Size

296KB
Sample

220625-lj6wdsehgl
MD5

3af2a252e150bb45af2b1d84d8377b50
SHA1

cf145e8a7afc704b6a70c219c6d85bc66d7515ff
SHA256

399606ebfd62278c7f2d818bbc93d0005b320bc42d79a8356f4683404a76e9ff
SHA512

3e4104fac084f20d6bbdf2c48525f53cfac974bee80340bb64748258f5397e0bac9d5d360b4892acba67dbdf1afc3e091ddeb62e5ef81dbaa6043ef4014ee218

Score

10^/10

netwire botnet rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

399606ebfd62278c7f2d818bbc93d0005b320bc42d79a8356f4683404a76e9ff.exe

Resource

win7-20220414-en

netwire botnet rat stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

399606ebfd62278c7f2d818bbc93d0005b320bc42d79a8356f4683404a76e9ff.exe

Resource

win10v2004-20220414-en

netwire botnet rat stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  399606ebfd62278c7f2d818bbc93d0005b320bc42d79a8356f4683404a76e9ff
- Size
  
  296KB
- MD5
  
  3af2a252e150bb45af2b1d84d8377b50
- SHA1
  
  cf145e8a7afc704b6a70c219c6d85bc66d7515ff
- SHA256
  
  399606ebfd62278c7f2d818bbc93d0005b320bc42d79a8356f4683404a76e9ff
- SHA512
  
  3e4104fac084f20d6bbdf2c48525f53cfac974bee80340bb64748258f5397e0bac9d5d360b4892acba67dbdf1afc3e091ddeb62e5ef81dbaa6043ef4014ee218
Score

10^/10

netwire botnet rat stealer
- NetWire RAT payload
  rat
- Netwire
  Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
  botnet stealer netwire
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

netwirebotnetratstealer

behavioral2

netwirebotnetratstealer

© 2018-2024

Terms | Privacy