General

  • Target

    962c56ec4b5c877da762c9f95ea2aa1bffbf34f9615b3a9df8d53cec75c434bb

  • Size

    127KB

  • Sample

    220701-hlf6zagefl

  • MD5

    c45bedf2bd458697c71a854c74e474f2

  • SHA1

    5f24b352f14def8d0aef90cdda4ff88c58f7ccbd

  • SHA256

    962c56ec4b5c877da762c9f95ea2aa1bffbf34f9615b3a9df8d53cec75c434bb

  • SHA512

    f303065611b0c798773403e915427d39d689487f437131aff580314032b977e60436f689a4ac909c1f93ddab05b9ffc39cddef51714b744c726c48393a59ec23

Malware Config

Targets

    • Netwire

      Netwire is a RAT whose main functionality is focused on password stealing and keylogging, but it also includes remote control capabilities.

    • Modifies Installed Components in the registry

MITRE ATT&CK Matrix ATT&CK v6

Persistence

Registry Run Keys / Startup Folder

1
T1060

Defense Evasion

Modify Registry

1
T1112

Tasks