Overview

overview

10

Static

static

10

1348-66-0x...ry.exe

windows7_x64

1

1348-66-0x...ry.exe

windows10-2004_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1348-66-0x0000000000400000-0x0000000000433000-memory.dmp

  • Size

    204KB

  • Sample

    220704-kcww6sfffj

  • MD5

    2a000eaaaba9201ad4e814754432053c

  • SHA1

    8d910d0e7b8b8fe6c8cfc679dd82f58d883df3a5

  • SHA256

    f1adb68f5f61b109de25bd2dbc151ce6ba6e3b4cdd67112c6a7d9b713b1c2bf5

  • SHA512

    c49fc6eded3e1779c629482e05ea946e6c2ba816826db1d2afc8aec460105c9a91cede9cd02e5f780f39d77f28ee49bdb9e9b738519d3c6f8dfceb91c05145f6

Score
10/10
netwirerat

Malware Config

Extracted

Family

netwire

C2

185.140.53.139:3367

185.140.53.139:3368
Attributes
  • activex_autorun

    false

  • copy_executable

    false

  • delete_original

    false

  • host_id

    HostId-%Rand%

  • keylogger_dir

    %AppData%\Logs\

  • lock_executable

    false

  • offline_keylogger

    true

  • password

    Telkomsa@1

  • registry_autorun

    false

  • use_mutex

    false

Targets

    • Target

      1348-66-0x0000000000400000-0x0000000000433000-memory.dmp

    • Size

      204KB

    • MD5

      2a000eaaaba9201ad4e814754432053c

    • SHA1

      8d910d0e7b8b8fe6c8cfc679dd82f58d883df3a5

    • SHA256

      f1adb68f5f61b109de25bd2dbc151ce6ba6e3b4cdd67112c6a7d9b713b1c2bf5

    • SHA512

      c49fc6eded3e1779c629482e05ea946e6c2ba816826db1d2afc8aec460105c9a91cede9cd02e5f780f39d77f28ee49bdb9e9b738519d3c6f8dfceb91c05145f6

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks