netwire | d5a23a943397163bc154dc3fd424ee6ba6022df72804e2c5231eda496515b768 | Triage

Submit
Reports

Overview

overview

Static

static

d5a23a9433...68.exe

windows7-x64

d5a23a9433...68.exe

windows10-2004-x64

Sharing

General

Target

d5a23a943397163bc154dc3fd424ee6ba6022df72804e2c5231eda496515b768
Size

296KB
Sample

220731-fnq3vaacep
MD5

970f3b397fa42324f5573b95e61142b8
SHA1

ca75d8928d20b0bc3389685d404b366f335f68d8
SHA256

d5a23a943397163bc154dc3fd424ee6ba6022df72804e2c5231eda496515b768
SHA512

c98ac113b467d15027d614dd8317f69f3ec270b2c2e4a16a363265c0072fad6e27c10d034ff1293c669284eaf78b787eeccb6bbc07d8bdced5dadd95e64c9602

Score

10^/10

netwire botnet rat stealer

Static task

static1

Behavioral task

behavioral1

Sample

d5a23a943397163bc154dc3fd424ee6ba6022df72804e2c5231eda496515b768.exe

Resource

win7-20220718-en

netwire botnet rat stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

d5a23a943397163bc154dc3fd424ee6ba6022df72804e2c5231eda496515b768.exe

Resource

win10v2004-20220722-en

netwire botnet rat stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  d5a23a943397163bc154dc3fd424ee6ba6022df72804e2c5231eda496515b768
- Size
  
  296KB
- MD5
  
  970f3b397fa42324f5573b95e61142b8
- SHA1
  
  ca75d8928d20b0bc3389685d404b366f335f68d8
- SHA256
  
  d5a23a943397163bc154dc3fd424ee6ba6022df72804e2c5231eda496515b768
- SHA512
  
  c98ac113b467d15027d614dd8317f69f3ec270b2c2e4a16a363265c0072fad6e27c10d034ff1293c669284eaf78b787eeccb6bbc07d8bdced5dadd95e64c9602
Score

10^/10

netwire botnet rat stealer
- NetWire RAT payload
  rat
- Netwire
  Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
  botnet stealer netwire
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

netwirebotnetratstealer

behavioral2

netwirebotnetratstealer

© 2018-2024

Terms | Privacy