General
-
Target
VIRGINIA-TAX-RETURN-2021-US-EXT.bin
-
Size
4.5MB
-
Sample
220812-r5jkwaedfn
-
MD5
e302ec600c469b71aca2876efe3a81a0
-
SHA1
da63fbb7f05c213dfb07cb1fe93b92fcf251c8b7
-
SHA256
d70365481fb4806130743afd199697eb981a0eb2756754ecc548f5b30c2203a5
-
SHA512
45f8dcb0178398990c9ffe19fc162e4f47b612f119a7e5017749f3570467de7237c7f4cb79992f93e987181b3b2cd42dce50502286184d9269895e2421064a8c
Malware Config
Targets
-
-
Target
VIRGINIA-TAX-RETURN-2021-US-EXT.bin
-
Size
4.5MB
-
MD5
e302ec600c469b71aca2876efe3a81a0
-
SHA1
da63fbb7f05c213dfb07cb1fe93b92fcf251c8b7
-
SHA256
d70365481fb4806130743afd199697eb981a0eb2756754ecc548f5b30c2203a5
-
SHA512
45f8dcb0178398990c9ffe19fc162e4f47b612f119a7e5017749f3570467de7237c7f4cb79992f93e987181b3b2cd42dce50502286184d9269895e2421064a8c
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-