General
-
Target
6bbe27987b901223162281c8367e5f997fd1bbd9d2bdd73965c513bffeaefd88
-
Size
279KB
-
Sample
221019-s2yq3aeae9
-
MD5
82279e73735b339e79d926ee7ccda560
-
SHA1
61ad5df59728cfd2f0890d59726629845b075f68
-
SHA256
6bbe27987b901223162281c8367e5f997fd1bbd9d2bdd73965c513bffeaefd88
-
SHA512
50307bd3840e134d4251d8b4d69de0ea93ca9c3739ba991e6ade1c337edfe14e5de8bfee53a2cc427f93c5b185d1e758fd68e5d4e264fa4b52d2c5dff91d8fe4
-
SSDEEP
6144:t4s76tVXVgMBdhmE6xjDWV4hDbacmfhrb:t4vvX+MBLmXWyh3jmfhP
Static task
static1
Behavioral task
behavioral1
Sample
6bbe27987b901223162281c8367e5f997fd1bbd9d2bdd73965c513bffeaefd88.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
6bbe27987b901223162281c8367e5f997fd1bbd9d2bdd73965c513bffeaefd88.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
6bbe27987b901223162281c8367e5f997fd1bbd9d2bdd73965c513bffeaefd88
-
Score
10/10
-
NetWire RAT payload
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-