General
-
Target
d1be6471a46b5d2cae582b6bad0646cc3b59c85df440363a77f2bb41ab553e82
-
Size
396KB
-
Sample
221013-wnp4jsgbfl
-
MD5
6c33cc232ababa439e295a455f3980a0
-
SHA1
774365e9521f8087145820b49814d28f37e5c65e
-
SHA256
d1be6471a46b5d2cae582b6bad0646cc3b59c85df440363a77f2bb41ab553e82
-
SHA512
48c9aa276dc7532766865b3159f5d2c9b9f8cb942060ddc1d311eff8a5d3e8a52fa0ae353975a6ea19625c5e7f9a285602784b3ae8f0b5c50f9bdda19c4ce347
-
SSDEEP
3072:LBB+77tPHkDLQ2AhPlG/1WBZf7qF/Z2iYmsdxDxUxt6mDLoGrww9JGbtENmszvZ+:Lf+7ODLQ2GEWBZE22lnNlRRP
Static task
static1
Behavioral task
behavioral1
Sample
d1be6471a46b5d2cae582b6bad0646cc3b59c85df440363a77f2bb41ab553e82.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
d1be6471a46b5d2cae582b6bad0646cc3b59c85df440363a77f2bb41ab553e82.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
d1be6471a46b5d2cae582b6bad0646cc3b59c85df440363a77f2bb41ab553e82
-
Size
396KB
-
MD5
6c33cc232ababa439e295a455f3980a0
-
SHA1
774365e9521f8087145820b49814d28f37e5c65e
-
SHA256
d1be6471a46b5d2cae582b6bad0646cc3b59c85df440363a77f2bb41ab553e82
-
SHA512
48c9aa276dc7532766865b3159f5d2c9b9f8cb942060ddc1d311eff8a5d3e8a52fa0ae353975a6ea19625c5e7f9a285602784b3ae8f0b5c50f9bdda19c4ce347
-
SSDEEP
3072:LBB+77tPHkDLQ2AhPlG/1WBZf7qF/Z2iYmsdxDxUxt6mDLoGrww9JGbtENmszvZ+:Lf+7ODLQ2GEWBZE22lnNlRRP
Score10/10-
NetWire RAT payload
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-