Overview

overview

10

Static

static

10

2172-142-0...ry.exe

windows7_x64

1

2172-142-0...ry.exe

windows10-2004_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2172-142-0x0000000000400000-0x0000000000433000-memory.dmp

  • Size

    204KB

  • Sample

    220712-vm6t8sbbbl

  • MD5

    29e42db6d40c9c978912966fe2dac080

  • SHA1

    ea9a0bce23dede787f1e94100812bb4e15c6482a

  • SHA256

    8eed9ef6841573a1cdc060b1db8506c5005041965bee3f6f1601c48a218a14fd

  • SHA512

    b2a8102ee1acb155ea1a49f3b62639f54d1b89ea85caa322958c9a88e657d49d9915df072007932ad5c42cec98ec9965370055286f47c809affa1a0ca8cb84ff

Score
10/10
netwirerat

Malware Config

Extracted

Family

netwire

C2

37.0.14.203:3083

Attributes
  • activex_autorun

    false

  • copy_executable

    true

  • delete_original

    false

  • host_id

    HostId-%Rand%

  • install_path

    %AppData%\Install\Host.exe

  • keylogger_dir

    %AppData%\Logs\

  • lock_executable

    false

  • offline_keylogger

    true

  • password

    Elibee88

  • registry_autorun

    false

  • use_mutex

    false

Targets

    • Target

      2172-142-0x0000000000400000-0x0000000000433000-memory.dmp

    • Size

      204KB

    • MD5

      29e42db6d40c9c978912966fe2dac080

    • SHA1

      ea9a0bce23dede787f1e94100812bb4e15c6482a

    • SHA256

      8eed9ef6841573a1cdc060b1db8506c5005041965bee3f6f1601c48a218a14fd

    • SHA512

      b2a8102ee1acb155ea1a49f3b62639f54d1b89ea85caa322958c9a88e657d49d9915df072007932ad5c42cec98ec9965370055286f47c809affa1a0ca8cb84ff

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks