Overview

overview

10

Static

static

10

1744-96-0x...ry.exe

windows7-x64

1

1744-96-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1744-96-0x0000000000290000-0x0000000000804000-memory.dmp

  • Size

    5.5MB

  • Sample

    220926-k4fz2aaca8

  • MD5

    5e4693e46a8e3afd9e6a8947b537b1ee

  • SHA1

    f5cb284b375f039e73d4800c6b6bd9051e98db55

  • SHA256

    11465eb5bf02ce48c4669be2c0a814ab763ad05db25f18f6e9b7a83e8b717b8a

  • SHA512

    e9889215761cfc9b1ed2a2ee2b5b8ce167df7e66af9589dc4e516299bac13c5f92aefc0b9c22a5d44fb505a60839ef709e28df930166a04ec58b2931e0161ddb

  • SSDEEP

    3072:oOcVBs7SauydcToG4lF4rsx/X7YCd2XL08YM7MqqDvFf:oO2BiSaFyToG4lF4rKXEi8z4qqDvFf

Score
10/10
netwirerat

Malware Config

Extracted

Family

netwire

C2

37.0.14.206:3384

Attributes
  • activex_autorun

    false

  • copy_executable

    true

  • delete_original

    false

  • host_id

    HostId-%Rand%

  • install_path

    %AppData%\Install\Host.exe

  • keylogger_dir

    %AppData%\Logs\

  • lock_executable

    true

  • offline_keylogger

    true

  • password

    Password234

  • registry_autorun

    false

  • use_mutex

    false

Targets

    • Target

      1744-96-0x0000000000290000-0x0000000000804000-memory.dmp

    • Size

      5.5MB

    • MD5

      5e4693e46a8e3afd9e6a8947b537b1ee

    • SHA1

      f5cb284b375f039e73d4800c6b6bd9051e98db55

    • SHA256

      11465eb5bf02ce48c4669be2c0a814ab763ad05db25f18f6e9b7a83e8b717b8a

    • SHA512

      e9889215761cfc9b1ed2a2ee2b5b8ce167df7e66af9589dc4e516299bac13c5f92aefc0b9c22a5d44fb505a60839ef709e28df930166a04ec58b2931e0161ddb

    • SSDEEP

      3072:oOcVBs7SauydcToG4lF4rsx/X7YCd2XL08YM7MqqDvFf:oO2BiSaFyToG4lF4rKXEi8z4qqDvFf

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks