Overview

overview

10

Static

static

a2cfd560eb...7b.exe

windows7-x64

10

a2cfd560eb...7b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a2cfd560eb6407185f6d5099d6c153cd88d9d4e55b725b2e7d560b240d2b917b

  • Size

    784KB

  • Sample

    220731-hec6qsdhbq

  • MD5

    da62ec3593d48b259a93a8ccf98ac487

  • SHA1

    9cc217b195b5ddb10b068681c41b999a4f42ad32

  • SHA256

    a2cfd560eb6407185f6d5099d6c153cd88d9d4e55b725b2e7d560b240d2b917b

  • SHA512

    3369fb9af4da2869fbb5e7740bfbeac76860d282e9fcdea2c9abfbafb745edd81feb64e3013e4ae32d967b3b15dcbd32461a847956150dc730830ec28e6db878

Score
10/10
netwirebotnetratstealer

Malware Config

Targets

    • Target

      a2cfd560eb6407185f6d5099d6c153cd88d9d4e55b725b2e7d560b240d2b917b

    • Size

      784KB

    • MD5

      da62ec3593d48b259a93a8ccf98ac487

    • SHA1

      9cc217b195b5ddb10b068681c41b999a4f42ad32

    • SHA256

      a2cfd560eb6407185f6d5099d6c153cd88d9d4e55b725b2e7d560b240d2b917b

    • SHA512

      3369fb9af4da2869fbb5e7740bfbeac76860d282e9fcdea2c9abfbafb745edd81feb64e3013e4ae32d967b3b15dcbd32461a847956150dc730830ec28e6db878

    Score
    10/10
    netwirebotnetratstealer

    • NetWire RAT payload

      rat

    • Netwire

      Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.

      botnetstealernetwire

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks