netwire | fb1c07a5c52e4a3332370d84c3555b410404808bc14a39bcc1910b0402aee342 | Triage

Submit
Reports

Overview

overview

Static

static

fb1c07a5c5...42.msi

windows7_x64

fb1c07a5c5...42.msi

windows10-2004_x64

6

Sharing

General

Target

fb1c07a5c52e4a3332370d84c3555b410404808bc14a39bcc1910b0402aee342
Size

548KB
Sample

220630-3tjbhsefa4
MD5

0aefcc4a1b91e429cff41e6e40081761
SHA1

3d94dbd4b99efb87b9594684be8d3c5931072509
SHA256

fb1c07a5c52e4a3332370d84c3555b410404808bc14a39bcc1910b0402aee342
SHA512

63c821bc8b6119d3ceffc9fff062ff2d3ab8cf334a241921e09deaa86183acde4a08da14b313f833f3914a7f8e953164ea75d281914f664c0713a77716389ec7

Score

10^/10

netwire botnet rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

fb1c07a5c52e4a3332370d84c3555b410404808bc14a39bcc1910b0402aee342.msi

Resource

win7-20220414-en

netwire botnet rat stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

fb1c07a5c52e4a3332370d84c3555b410404808bc14a39bcc1910b0402aee342.msi

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  fb1c07a5c52e4a3332370d84c3555b410404808bc14a39bcc1910b0402aee342
- Size
  
  548KB
- MD5
  
  0aefcc4a1b91e429cff41e6e40081761
- SHA1
  
  3d94dbd4b99efb87b9594684be8d3c5931072509
- SHA256
  
  fb1c07a5c52e4a3332370d84c3555b410404808bc14a39bcc1910b0402aee342
- SHA512
  
  63c821bc8b6119d3ceffc9fff062ff2d3ab8cf334a241921e09deaa86183acde4a08da14b313f833f3914a7f8e953164ea75d281914f664c0713a77716389ec7
Score

10^/10

netwire botnet rat stealer
- NetWire RAT payload
  rat
- Netwire
  Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
  botnet stealer netwire
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

netwirebotnetratstealer

behavioral2

© 2018-2024

Terms | Privacy