General
-
Target
ab60d9d83563c90a10ddec762c39790300afcd4455d029eb6fa5e5c999478870
-
Size
2.1MB
-
Sample
220725-eql18secbn
-
MD5
cef35f9517245d69437ef388ba63ab0f
-
SHA1
cd24179aba477eaf9fe41c3cc3ad13326df0c2d8
-
SHA256
ab60d9d83563c90a10ddec762c39790300afcd4455d029eb6fa5e5c999478870
-
SHA512
d713fa99a763eec4715131c16d5fea47bc3f5de84e3567f9b95f34158fed5a312e1fe053c2d774fd218ac6cadec862966a61ac1dba4ae1cdb19273e70f26d035
Malware Config
Targets
-
-
Target
ab60d9d83563c90a10ddec762c39790300afcd4455d029eb6fa5e5c999478870
-
Size
2.1MB
-
MD5
cef35f9517245d69437ef388ba63ab0f
-
SHA1
cd24179aba477eaf9fe41c3cc3ad13326df0c2d8
-
SHA256
ab60d9d83563c90a10ddec762c39790300afcd4455d029eb6fa5e5c999478870
-
SHA512
d713fa99a763eec4715131c16d5fea47bc3f5de84e3567f9b95f34158fed5a312e1fe053c2d774fd218ac6cadec862966a61ac1dba4ae1cdb19273e70f26d035
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-