Overview

overview

10

Static

static

2269bc1d06...45.exe

windows7-x64

10

2269bc1d06...45.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2269bc1d06260a0eabaf8927b13c2f2af46ddaeff896eb8e1d5d55c549ee2f45

  • Size

    136KB

  • Sample

    221011-x25a3abchm

  • MD5

    79ab9456804604d09f61971be7bca6e0

  • SHA1

    a248e55f44535af03155d39a3a4238b01f8c547f

  • SHA256

    2269bc1d06260a0eabaf8927b13c2f2af46ddaeff896eb8e1d5d55c549ee2f45

  • SHA512

    0e3eb6a9f5c4029e9969f4b5533159893b5d23456f4c921ec62950ba5a6eb99379714819b18dc5a36851bd744eda1fdd56f749e27b838bf7eac67479c237866a

  • SSDEEP

    3072:fDYGrNMoDe7BQA0bLVZ9xthsDgichP9eATG1pnrH:7YgFYBQNLVnxgDRcWA

Score
10/10
netwirebotnetpersistenceratstealer

Malware Config

Targets

    • Target

      2269bc1d06260a0eabaf8927b13c2f2af46ddaeff896eb8e1d5d55c549ee2f45

    • Size

      136KB

    • MD5

      79ab9456804604d09f61971be7bca6e0

    • SHA1

      a248e55f44535af03155d39a3a4238b01f8c547f

    • SHA256

      2269bc1d06260a0eabaf8927b13c2f2af46ddaeff896eb8e1d5d55c549ee2f45

    • SHA512

      0e3eb6a9f5c4029e9969f4b5533159893b5d23456f4c921ec62950ba5a6eb99379714819b18dc5a36851bd744eda1fdd56f749e27b838bf7eac67479c237866a

    • SSDEEP

      3072:fDYGrNMoDe7BQA0bLVZ9xthsDgichP9eATG1pnrH:7YgFYBQNLVnxgDRcWA

    Score
    10/10
    netwirebotnetpersistenceratstealer

    • NetWire RAT payload

      rat

    • Netwire

      Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.

      botnetstealernetwire

    • Modifies Installed Components in the registry

      persistence

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks