General
-
Target
5c13440713c43f5b77bd6cab23ced939b1db989722274f4acc8e07bc42c61fb8
-
Size
127KB
-
Sample
220701-gjd36aefcp
-
MD5
e82fb7a5e11d29a2c2526df742c9a7cb
-
SHA1
9f663051e9df68192159af651ad6e634ff811427
-
SHA256
5c13440713c43f5b77bd6cab23ced939b1db989722274f4acc8e07bc42c61fb8
-
SHA512
90912a1f4f04afda60ef5547f86ac4a8cacdca309c72a4d90cfbfa64a51849f1f99d40ecdcfe761b1ca4007cea1c7e7cb58e9f6c5a757315f93d8fdc63ae2492
Behavioral task
behavioral1
Sample
5c13440713c43f5b77bd6cab23ced939b1db989722274f4acc8e07bc42c61fb8.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
5c13440713c43f5b77bd6cab23ced939b1db989722274f4acc8e07bc42c61fb8.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
5c13440713c43f5b77bd6cab23ced939b1db989722274f4acc8e07bc42c61fb8
-
Size
127KB
-
MD5
e82fb7a5e11d29a2c2526df742c9a7cb
-
SHA1
9f663051e9df68192159af651ad6e634ff811427
-
SHA256
5c13440713c43f5b77bd6cab23ced939b1db989722274f4acc8e07bc42c61fb8
-
SHA512
90912a1f4f04afda60ef5547f86ac4a8cacdca309c72a4d90cfbfa64a51849f1f99d40ecdcfe761b1ca4007cea1c7e7cb58e9f6c5a757315f93d8fdc63ae2492
Score10/10-
NetWire RAT payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-