Overview

overview

10

Static

static

3a4c244d3a...56.exe

windows7-x64

10

3a4c244d3a...56.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3a4c244d3ae1e9f9ce45fd2d4551aa484f256aeda3354dc4b42a86403be35b56

  • Size

    356KB

  • Sample

    221029-et9xgabfbk

  • MD5

    e971ab88ed635c928ab36139eecbb6da

  • SHA1

    8860910e86517a56547d2d76f7903d5313077e10

  • SHA256

    3a4c244d3ae1e9f9ce45fd2d4551aa484f256aeda3354dc4b42a86403be35b56

  • SHA512

    78d97c314561cbbd0cc7e42f0bd1560fc46d56ec5c55e8997a271c7cc0d9ccf2240fc7af33912c28c4554b39e9b5b8e44acc18b4359fc796ef92be3068298c5c

  • SSDEEP

    6144:oTvspNdntRNxcGhGEi7F875mif7yL3OfytFd8HrI8wAcuL4u+NR94:oTspNtNxcmO7F87vf7J8Fak/uV+NR94

Score
10/10
netwirebotnetratstealer

Malware Config

Targets

    • Target

      3a4c244d3ae1e9f9ce45fd2d4551aa484f256aeda3354dc4b42a86403be35b56

    • Size

      356KB

    • MD5

      e971ab88ed635c928ab36139eecbb6da

    • SHA1

      8860910e86517a56547d2d76f7903d5313077e10

    • SHA256

      3a4c244d3ae1e9f9ce45fd2d4551aa484f256aeda3354dc4b42a86403be35b56

    • SHA512

      78d97c314561cbbd0cc7e42f0bd1560fc46d56ec5c55e8997a271c7cc0d9ccf2240fc7af33912c28c4554b39e9b5b8e44acc18b4359fc796ef92be3068298c5c

    • SSDEEP

      6144:oTvspNdntRNxcGhGEi7F875mif7yL3OfytFd8HrI8wAcuL4u+NR94:oTspNtNxcmO7F87vf7J8Fak/uV+NR94

    Score
    10/10
    netwirebotnetratstealer

    • NetWire RAT payload

      rat

    • Netwire

      Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.

      botnetstealernetwire

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks