General
-
Target
c9bca322e28b873296b0af3faf0b6b2e6fe10ed3b70c973c98656a46a94f41cd
-
Size
496KB
-
Sample
221029-jkhtvaggbj
-
MD5
5288451330d4b0ab62ce4d6460f548e3
-
SHA1
053b51399d83ec927fab2b1c535e7091f1543d9e
-
SHA256
c9bca322e28b873296b0af3faf0b6b2e6fe10ed3b70c973c98656a46a94f41cd
-
SHA512
53ea59c537de36cc599995664d5fe4d9e2b71b50b74f9d49c5a58da522116e0b5b883616b4ee53caab3894703fdb790c9a5ac8bb32aa84e439117697bb5b8be7
-
SSDEEP
6144:2LEFH/67+WNNYvBJAK6iqRCtgXUGGH2c:2+oNYvBCKnqROgXq
Malware Config
Targets
-
-
Target
c9bca322e28b873296b0af3faf0b6b2e6fe10ed3b70c973c98656a46a94f41cd
-
Size
496KB
-
MD5
5288451330d4b0ab62ce4d6460f548e3
-
SHA1
053b51399d83ec927fab2b1c535e7091f1543d9e
-
SHA256
c9bca322e28b873296b0af3faf0b6b2e6fe10ed3b70c973c98656a46a94f41cd
-
SHA512
53ea59c537de36cc599995664d5fe4d9e2b71b50b74f9d49c5a58da522116e0b5b883616b4ee53caab3894703fdb790c9a5ac8bb32aa84e439117697bb5b8be7
-
SSDEEP
6144:2LEFH/67+WNNYvBJAK6iqRCtgXUGGH2c:2+oNYvBCKnqROgXq
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-