a40124b437f62aba90af59ec30355a9ab7b1dbadbf1c18e12394d053c3b7c7b9 | Triage

Submit
Reports

Overview

overview

Static

static

a40124b437...b9.exe

windows7-x64

a40124b437...b9.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a40124b437f62aba90af59ec30355a9ab7b1dbadbf1c18e12394d053c3b7c7b9.exe

Resource

win7-20220718-en

netwire botnet rat stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

a40124b437f62aba90af59ec30355a9ab7b1dbadbf1c18e12394d053c3b7c7b9.exe

Resource

win10v2004-20220721-en

netwire botnet rat stealer

windows10-2004-x64

7 signatures

150 seconds

General

Target

a40124b437f62aba90af59ec30355a9ab7b1dbadbf1c18e12394d053c3b7c7b9
Size

159KB
MD5

389eb42409ce5da14af2311a26a1e8cf
SHA1

0e2305cc75cf934521243b162b1b7f260407e0db
SHA256

a40124b437f62aba90af59ec30355a9ab7b1dbadbf1c18e12394d053c3b7c7b9
SHA512

45a944f6d7974e406e119e5a73b956821ccf96fe4b999cf8a351105215d27491fcd1ec6489be065f8b04f69698b758ef1302dc62699613962cd5863b096ab382
SSDEEP

3072:m3OU2fNRB4SNpEhB7AwWK3AxiK/hZsnIFWgDTTPxMMvi0JjlC/j/hj8Gz:mf2fNNNp07n/3AxbUnIF/PWi3FlCb/ht

Score

N/A

Malware Config

Signatures

Files

a40124b437f62aba90af59ec30355a9ab7b1dbadbf1c18e12394d053c3b7c7b9
.exe windows x86

eadf018f07b7d48ad5f0091c04519130

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetProcessHeap
HeapAlloc

oleaut32

VarDecInt
VarDateFromDec
SysStringLen
VarDecFromUI4
VarUI4FromBool

glu32

gluTessVertex
gluDisk
gluTessCallback
gluTessNormal
gluProject
gluLoadSamplingMatrices
gluTessBeginContour
gluDeleteNurbsRenderer

crypt32

CertNameToStrW
CertVerifyCRLTimeValidity
CertAddCTLContextToStore
CryptDecryptMessage

mapi32

ord190
ord143
ord46
ord154
ord21

mpr

WNetAddConnection3A
WNetGetProviderNameA
WNetOpenEnumW
WNetGetUniversalNameW
MultinetGetConnectionPerformanceW
WNetGetNetworkInformationW
WNetGetResourceInformationW
WNetGetResourceInformationA

mscms

GenerateCopyFilePaths
SetStandardColorSpaceProfileW
InstallColorProfileA
GetPS2ColorSpaceArray
SetColorProfileHeader
RegisterCMMA
GetCountColorProfileElements
GetCMMInfo
OpenColorProfileW
CloseColorProfile

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy