General
-
Target
f13046a5373d4862bd6968c2ddbc5776075e2e6d39de1f7b319c9bb2bf125721
-
Size
240KB
-
Sample
221020-xypffabag9
-
MD5
a07fb2ef06380c32ba1c916092576f71
-
SHA1
3204163ac87633c3dd18e4c6168eecf5014c408e
-
SHA256
f13046a5373d4862bd6968c2ddbc5776075e2e6d39de1f7b319c9bb2bf125721
-
SHA512
1448295c1775590ecf9c096646e28f91f60b68f098b1f8ffdb40bd8d98b6b50363b1ebcac2fe25217e604e232eda2e9d4b6e4795b141f46008b7d7c14814193f
-
SSDEEP
3072:CvS8k/Mbsig+Y/zhUGT3PsWJHduQ/HBeCLCXWO7PlSSIyengTNc7WQY3lDQSV54x:fjz1PsguEfCXp7PASDTNcaQilDRv
Static task
static1
Behavioral task
behavioral1
Sample
f13046a5373d4862bd6968c2ddbc5776075e2e6d39de1f7b319c9bb2bf125721.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
f13046a5373d4862bd6968c2ddbc5776075e2e6d39de1f7b319c9bb2bf125721.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
f13046a5373d4862bd6968c2ddbc5776075e2e6d39de1f7b319c9bb2bf125721
-
Size
240KB
-
MD5
a07fb2ef06380c32ba1c916092576f71
-
SHA1
3204163ac87633c3dd18e4c6168eecf5014c408e
-
SHA256
f13046a5373d4862bd6968c2ddbc5776075e2e6d39de1f7b319c9bb2bf125721
-
SHA512
1448295c1775590ecf9c096646e28f91f60b68f098b1f8ffdb40bd8d98b6b50363b1ebcac2fe25217e604e232eda2e9d4b6e4795b141f46008b7d7c14814193f
-
SSDEEP
3072:CvS8k/Mbsig+Y/zhUGT3PsWJHduQ/HBeCLCXWO7PlSSIyengTNc7WQY3lDQSV54x:fjz1PsguEfCXp7PASDTNcaQilDRv
Score10/10-
NetWire RAT payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-