General
-
Target
Quote.js
-
Size
411KB
-
Sample
220803-slqqhscec6
-
MD5
afcf21a9379f301577b6156e7dd5888f
-
SHA1
ce875060f396eb0699cdd5d11d7e871ea6e72c0f
-
SHA256
fbd12a584f6a7db50d27d2e9eeb3ce160f84142049d75b2044411a589eaaf4d9
-
SHA512
2869eecff8c1aaa249a879b40e02e433045f88145c07ed431c9f80280d034367c8ad98acfbb0557f373390df87b7e2df25bb3b0aa1ff49cf12c1998f386e9c35
Static task
static1
Behavioral task
behavioral1
Sample
Quote.js
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
Quote.js
Resource
win10v2004-20220721-en
Malware Config
Targets
-
-
Target
Quote.js
-
Size
411KB
-
MD5
afcf21a9379f301577b6156e7dd5888f
-
SHA1
ce875060f396eb0699cdd5d11d7e871ea6e72c0f
-
SHA256
fbd12a584f6a7db50d27d2e9eeb3ce160f84142049d75b2044411a589eaaf4d9
-
SHA512
2869eecff8c1aaa249a879b40e02e433045f88145c07ed431c9f80280d034367c8ad98acfbb0557f373390df87b7e2df25bb3b0aa1ff49cf12c1998f386e9c35
Score10/10-
NetWire RAT payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-