General
-
Target
b8f79f47c3cbbeb14ad95220ba63dc3ab974dbad8017f347879254113d4b0df2
-
Size
106KB
-
Sample
220701-f8peraeagl
-
MD5
4db71ada85487da2cc2dc248736ddb43
-
SHA1
cf981bbdfde226ddfc7a6e23d6ba47aec6a196d2
-
SHA256
b8f79f47c3cbbeb14ad95220ba63dc3ab974dbad8017f347879254113d4b0df2
-
SHA512
98327c2430586c9cfa33bc3b6a5921f71e68d5756e1fca0ba88e5c4e28ac50af3267ef2b77516a788f334ddc709c8fd8a9be2aeef239928766810bda61f4e68b
Behavioral task
behavioral1
Sample
b8f79f47c3cbbeb14ad95220ba63dc3ab974dbad8017f347879254113d4b0df2.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
b8f79f47c3cbbeb14ad95220ba63dc3ab974dbad8017f347879254113d4b0df2.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
b8f79f47c3cbbeb14ad95220ba63dc3ab974dbad8017f347879254113d4b0df2
Score
10/10
-
NetWire RAT payload
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-