General
-
Target
895eb1a84c9ea5ba41e7a044cd4d53ff30c81c5fbf11284d44400f12cf3e012f
-
Size
138KB
-
Sample
221029-m88a7adde7
-
MD5
77dfe5880ce35fe13c0f50a142ab8907
-
SHA1
e87635becb3234776d8e70e89cdd1669cae33e37
-
SHA256
895eb1a84c9ea5ba41e7a044cd4d53ff30c81c5fbf11284d44400f12cf3e012f
-
SHA512
cd157579223e86a3c3d9e2ef88ab87f558801cd8cac947242338e09493826e7777465384f594471f44087422fcd3b3fcdf5ed0dc2df2b023e5fc815f000eb5d4
-
SSDEEP
3072:bAsj8MBX8s0oXJn45Hy381mrQ3cPSgWq1SLrsDBL5EGrDx4d4:bAsBZd8Y8gUAs+DBdY4
Static task
static1
Behavioral task
behavioral1
Sample
895eb1a84c9ea5ba41e7a044cd4d53ff30c81c5fbf11284d44400f12cf3e012f.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
895eb1a84c9ea5ba41e7a044cd4d53ff30c81c5fbf11284d44400f12cf3e012f.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Score
10/10
-
NetWire RAT payload
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-