ff0b1d9f2221e78773cfed9e89f87eab3add2c872f44f7f8cd10e18e2e0e8465 | Triage

Submit
Reports

Overview

overview

Static

static

ff0b1d9f22...65.exe

windows7_x64

ff0b1d9f22...65.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ff0b1d9f2221e78773cfed9e89f87eab3add2c872f44f7f8cd10e18e2e0e8465.exe

Resource

win7-20220414-en

netwire botnet persistence rat stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

ff0b1d9f2221e78773cfed9e89f87eab3add2c872f44f7f8cd10e18e2e0e8465.exe

Resource

win10v2004-20220414-en

netwire botnet persistence rat stealer

windows10-2004_x64

0 signatures

0 seconds

General

Target

ff0b1d9f2221e78773cfed9e89f87eab3add2c872f44f7f8cd10e18e2e0e8465
Size

632KB
MD5

29b89507364a0868ff24aa52e9f9a30f
SHA1

a33e07b0f35d1fa69c732b8ef03fbd045c1d443d
SHA256

ff0b1d9f2221e78773cfed9e89f87eab3add2c872f44f7f8cd10e18e2e0e8465
SHA512

c7c4e572fbeaa3e10c9f5754b94e56efbcbcad5f6aa2b144e8b8a12d5fd3f43e16465f0b771c39e5d94167ae95416a2a5ebaa1a1b0329c3a7ba652fb13f34611
SSDEEP

12288:t0Uhw2+EAMi0ROcNQ+hphjvqVYhN3unnNXHVRUfN4zyO:t22/Jr7NQ+hnjvr6nNXrUn

Score

N/A

Malware Config

Signatures

Files

ff0b1d9f2221e78773cfed9e89f87eab3add2c872f44f7f8cd10e18e2e0e8465
.exe windows x86

2977270fae1bfe1cc3a3258b5bc0e2ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord513
ord554
ord664
ord591
ord592
ord594
ord595
ord520
ord521
ord709
ord633
EVENT_SINK_AddRef
ord671
ord568
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord710
ord530
ord531
ord570
ord680
ord100
ord616
ord543
ord544
ord581

Sections

.text
Size: 612KB - Virtual size: 609KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy