Overview

overview

10

Static

static

10

2472-138-0...ry.exe

windows7-x64

2472-138-0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2472-138-0x0000000000400000-0x0000000000450000-memory.dmp

  • Size

    320KB

  • Sample

    220817-e2ndfaadeq

  • MD5

    76bc1dd23f9e3b3c6306422284f85035

  • SHA1

    4b8168e323f3494b53abcfbafdc8a71880b73f31

  • SHA256

    3e1192738ca50e82cb870d53c16be5d2f88f6d79524918d383920833312bc864

  • SHA512

    9617df09aad0939e3955784fd7afd9baf42d07074a9d7f0b5c2881fcffb1533a06d9636d584ee9616538c2424e4a285f7fdee9358413ca20e5b75697458de124

  • SSDEEP

    6144:ebhnot4+sbOAtbkfHLDiT6OzR8Q0l+/NyqRKbhoXqqD8Xc8B:elnot4+UwLDiT6OzR8llAgqqB

Score
10/10
netwirerat

Malware Config

Extracted

Family

netwire

C2

ingobea.hopto.org:6671

Attributes
  • activex_autorun

    false

  • copy_executable

    false

  • delete_original

    false

  • host_id

    HostId-%Rand%

  • lock_executable

    false

  • offline_keylogger

    false

  • password

    kongking

  • registry_autorun

    false

  • use_mutex

    false

Targets

    • Target

      2472-138-0x0000000000400000-0x0000000000450000-memory.dmp

    • Size

      320KB

    • MD5

      76bc1dd23f9e3b3c6306422284f85035

    • SHA1

      4b8168e323f3494b53abcfbafdc8a71880b73f31

    • SHA256

      3e1192738ca50e82cb870d53c16be5d2f88f6d79524918d383920833312bc864

    • SHA512

      9617df09aad0939e3955784fd7afd9baf42d07074a9d7f0b5c2881fcffb1533a06d9636d584ee9616538c2424e4a285f7fdee9358413ca20e5b75697458de124

    • SSDEEP

      6144:ebhnot4+sbOAtbkfHLDiT6OzR8Q0l+/NyqRKbhoXqqD8Xc8B:elnot4+UwLDiT6OzR8llAgqqB

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks