Overview

overview

10

Static

static

10

4768-146-0...ry.exe

windows7-x64

4768-146-0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4768-146-0x0000000000400000-0x0000000000450000-memory.dmp

  • Size

    320KB

  • Sample

    220824-gf1gzsabb5

  • MD5

    f83a68f0a26700b4014ae5d93ae2a268

  • SHA1

    bfab052361cd4536fa02e34c041d7331c9aabf37

  • SHA256

    f914ce52a7aa5b9bb30fc6dada9aa76ea839fd7c7a6bf69d866fb765351a9a9e

  • SHA512

    ee362e30a2d43b9ebb217bd0ee68e6ebab6df0ce7d2a8d080d5dad6146a2aab361c62221e03e8423312215458c92dfe37c5e5f3e32162c3d26dea92fb8311048

  • SSDEEP

    6144:ebhnot4+sbOAtbkfHLDiT6OzR8Q0l+/NyqRKbhoXqqD8Xb8B:elnot4+UwLDiT6OzR8llAgqRB

Score
10/10
netwirerat

Malware Config

Extracted

Family

netwire

C2

augtolife.serveftp.com:500

Attributes
  • activex_autorun

    false

  • copy_executable

    false

  • delete_original

    false

  • host_id

    Aug-stub

  • install_path

    %AppData%\Install\Host.exe

  • lock_executable

    false

  • offline_keylogger

    false

  • password

    654321

  • registry_autorun

    false

  • use_mutex

    false

Targets

    • Target

      4768-146-0x0000000000400000-0x0000000000450000-memory.dmp

    • Size

      320KB

    • MD5

      f83a68f0a26700b4014ae5d93ae2a268

    • SHA1

      bfab052361cd4536fa02e34c041d7331c9aabf37

    • SHA256

      f914ce52a7aa5b9bb30fc6dada9aa76ea839fd7c7a6bf69d866fb765351a9a9e

    • SHA512

      ee362e30a2d43b9ebb217bd0ee68e6ebab6df0ce7d2a8d080d5dad6146a2aab361c62221e03e8423312215458c92dfe37c5e5f3e32162c3d26dea92fb8311048

    • SSDEEP

      6144:ebhnot4+sbOAtbkfHLDiT6OzR8Q0l+/NyqRKbhoXqqD8Xb8B:elnot4+UwLDiT6OzR8llAgqRB

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks