General

  • Target

    5acb47dac6f58284520fd5f815649102fd35f832aa32e56c7fe85b7e89c5a3eb

  • Size

    292KB

  • Sample

    220802-cpvkwagafq

  • MD5

    32a4863df763521bbda8194091ac6b55

  • SHA1

    839b12c0b149545b43cf3aab0d1750e2d6e0a663

  • SHA256

    5acb47dac6f58284520fd5f815649102fd35f832aa32e56c7fe85b7e89c5a3eb

  • SHA512

    647c294500a88e2ede78a66f9425ac4371726c254feb36222d27e4e8a953802595204741d0933c80d63f585d12af5685647ea809256f0209485ace0b86451d25

Malware Config

Targets

    • NetWire RAT payload

    • Netwire

      Netwire is a RAT whose main functionality is focused on password stealing and keylogging, but it also includes remote control capabilities.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks