Extracted

• • Target

    369e6cfec01912c0ef9748f97a1c7170c78245eb9a46414b08cb08b6477466b4

  • Size

    467KB

  • MD5

    f5aa443c7bd791537abe9cdfede42c58

  • SHA1

    711095847e9acb5724759027a61fc98b5d443410

  • SHA256

    369e6cfec01912c0ef9748f97a1c7170c78245eb9a46414b08cb08b6477466b4

  • SHA512

    11da2b9bb91d5e5261d56f851e38d63411f790c966ea776fab518c4f8fafef1313ee73d55f3a3ffd3b0bc7720c48b1b14cad3d381cd588526a625992eae817c3

  Score

  10^/10

  netwirebotnetratstealer

  • NetWire RAT payload

    rat

  • Netwire

    Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.

    botnetstealernetwire

  • Drops startup file

  • Uses the VBS compiler for execution

  • Suspicious use of SetThreadContext

  behavioral1behavioral2