General
-
Target
c605def48c1260429f668b322e679c9cfffe303eb3a3ce1e7cdd48ff2328807c
-
Size
91KB
-
Sample
221029-sdgsmscdcm
-
MD5
e59eb3c46870c8331d40464d1dcacc34
-
SHA1
41deeee3508275807476fbb72e4aa7b8263c9362
-
SHA256
c605def48c1260429f668b322e679c9cfffe303eb3a3ce1e7cdd48ff2328807c
-
SHA512
d0878707e5e6dd1b8e9cee3bc4c6b8bdc4b949dc6fa1f9a8755809af6e504e3983760bbe66b663d19c582347fdaa8fac0994e60bcdbcd0b3952535a53b8856e3
-
SSDEEP
1536:18l0sr8wujP2zmj0IextvIgi647CDkxN9uO+1eEm/S38zNyA3JuQQ/r:1k04LE2z8teTIgFniN9S1goONLA
Static task
static1
Behavioral task
behavioral1
Sample
c605def48c1260429f668b322e679c9cfffe303eb3a3ce1e7cdd48ff2328807c.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
c605def48c1260429f668b322e679c9cfffe303eb3a3ce1e7cdd48ff2328807c
-
NetWire RAT payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-