General
-
Target
b650ac14a0c73c8649b19d76c17fbd2a222ecd799306a58db24b7a3461b8bab8
-
Size
233KB
-
Sample
220708-sy44nsgagl
-
MD5
b99cb8afddf5ac56bad0efac8bba0f76
-
SHA1
c72ba87e3f39e807afd0d88cfca9504073fa005d
-
SHA256
b650ac14a0c73c8649b19d76c17fbd2a222ecd799306a58db24b7a3461b8bab8
-
SHA512
453308eed1dae8670dd3a328dc4ac47557182679748a1127b546ea59110b7b868bf6b8d8a416233558424e16690c068048689f245332a374c8d45845a44acd67
Static task
static1
Behavioral task
behavioral1
Sample
b650ac14a0c73c8649b19d76c17fbd2a222ecd799306a58db24b7a3461b8bab8.exe
Resource
win7-20220414-en
Malware Config
Extracted
netwire
vegan.giize.com:1604
-
activex_autorun
false
-
copy_executable
false
-
delete_original
false
-
host_id
HostId-%Rand%
-
lock_executable
false
-
offline_keylogger
false
-
password
Password
-
registry_autorun
false
-
use_mutex
false
Targets
-
Target
b650ac14a0c73c8649b19d76c17fbd2a222ecd799306a58db24b7a3461b8bab8
-
NetWire RAT payload
-
Drops startup file
-
Suspicious use of SetThreadContext