Extracted

• • Target

    4e3f66bb2fc5fc5c5d3b59f3fae3833f4ddf43132a014729f7c5061e056a81bc

  • Size

    326KB

  • MD5

    6f4ba42f8202789c34ee0f037de67a8d

  • SHA1

    52b37aa38ddeccbc57a5c9656cf4baa76136f57f

  • SHA256

    4e3f66bb2fc5fc5c5d3b59f3fae3833f4ddf43132a014729f7c5061e056a81bc

  • SHA512

    261185f654263a4632bc2a7b10f20b19131e32f8fa32e5ac3d7609a4815c5e56982bfc1e738da034efa00e54f4b6c5de5738b7165e2cc38eac254e13c1dfcc2b

  Score

  10^/10

  netwirebotnetratstealer

  • NetWire RAT payload

    rat

  • Netwire

    Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.

    botnetstealernetwire

  • Checks BIOS information in registry

    BIOS information is often read in order to detect sandboxing environments.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2