General
Target: 5ea30913c8c57e66c619c00c244435a948b6e6980611a8579d121c5fec1ac4b4
Size: 588KB
Sample: 220731-yefjvsefem
MD5: 8a66d7caef4291723ebd529425f7f3a7
SHA1: b1bc92bf6e09cb9355ee36000fae656417de6389
SHA256: 5ea30913c8c57e66c619c00c244435a948b6e6980611a8579d121c5fec1ac4b4
SHA512: 82d83e26c3f69b1d7e45b36303a475f232c2e4958e8ccbe51371573f57a0521b2dbcfd28797ba92842fb5f354016fec7e2bd965206b81c20ad9c8d7e6390a338
Static task: static1
Behavioral task: behavioral1
Sample: 5ea30913c8c57e66c619c00c244435a948b6e6980611a8579d121c5fec1ac4b4.exe
Resource: win7-20220718-en
Malware Config
Extracted
netwire
204.152.219.82:9008
activex_autorun: false
copy_executable: false
delete_original: false
host_id: HostId-%Rand%
lock_executable: false
offline_keylogger: false
password: Password
registry_autorun: false
use_mutex: false
Targets
Target: 5ea30913c8c57e66c619c00c244435a948b6e6980611a8579d121c5fec1ac4b4
NetWire RAT payload
Suspicious use of SetThreadContext