General
-
Target
SecuriteInfo.com.Win32.PWSX-gen.22708.exe
-
Size
1.0MB
-
Sample
220906-mtys7sgger
-
MD5
36bbd93c688ce11d683d10ed01cd5d60
-
SHA1
8b72802402ca8e518e85730982cf35152af95d9d
-
SHA256
584cbae08a96d4288bc0a6f0f12cdebaac0cdf9fc401cfac823686072070bfdb
-
SHA512
3602a18721d6c6f0cecce546c7085a05940428e77f2d9b01dd766647378bd30050ba328268e9009ae23c20ffc898dca7c6733855253a0a27cb8f015a4c499c1a
-
SSDEEP
12288:E4ASzm41hw4e/ehLrzEybfYAM34h9LFgj/Ew1UyHwhvJE334Gn1EB0h4s6iQ5lHk:pASqL4LJw3kgQAUyQR6TEBZd5O4
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.PWSX-gen.22708.exe
Resource
win7-20220901-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Win32.PWSX-gen.22708.exe
-
NetWire RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-