Overview

overview

10

Static

static

10

1544-68-0x...ry.exe

windows7-x64

1

1544-68-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1544-68-0x0000000000410000-0x0000000000924000-memory.dmp

  • Size

    5.1MB

  • Sample

    221003-q3q2hahgd8

  • MD5

    a85778482fe5e7fb266f9c7388a2b422

  • SHA1

    14ce0a14e9c4ccbace77cb8e7e0973d91a597c02

  • SHA256

    fc42321905ea799088246ac846db33d4de5f0c4a17cb052f73cd20b33c0edc9f

  • SHA512

    1ed384b339769688e7c17657c63ab40d90a4fd7af111f9343876b642f49eb62be9e404c6ea2cf8b7be82e48b17cce468a0f6ec7cf8ced5e1e2269f0ec5996120

  • SSDEEP

    6144:d34sxRXfpYvW/aMJdSGLltVrPmDskzVqqD0Ffo:isvXfpuWiMvFruDsvqEg

Score
10/10
netwirerat

Malware Config

Extracted

Family

netwire

C2

212.193.30.230:3363

Attributes
  • activex_autorun

    false

  • copy_executable

    false

  • delete_original

    false

  • host_id

    HostId-%Rand%

  • keylogger_dir

    %AppData%\Logs\

  • lock_executable

    false

  • offline_keylogger

    true

  • password

    Password@2

  • registry_autorun

    false

  • use_mutex

    false

Targets

    • Target

      1544-68-0x0000000000410000-0x0000000000924000-memory.dmp

    • Size

      5.1MB

    • MD5

      a85778482fe5e7fb266f9c7388a2b422

    • SHA1

      14ce0a14e9c4ccbace77cb8e7e0973d91a597c02

    • SHA256

      fc42321905ea799088246ac846db33d4de5f0c4a17cb052f73cd20b33c0edc9f

    • SHA512

      1ed384b339769688e7c17657c63ab40d90a4fd7af111f9343876b642f49eb62be9e404c6ea2cf8b7be82e48b17cce468a0f6ec7cf8ced5e1e2269f0ec5996120

    • SSDEEP

      6144:d34sxRXfpYvW/aMJdSGLltVrPmDskzVqqD0Ffo:isvXfpuWiMvFruDsvqEg

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks