General
-
Target
d8fbfcf1ca07bab35863380101b13af249de3f4e3ffbf7dfa3492b777134a5e5
-
Size
353KB
-
Sample
221030-n4c5xsafbn
-
MD5
a3a4b92718aca379bc2f2c71ea58f4a0
-
SHA1
d709dbd0da3ea6246714f71f5042e03417313226
-
SHA256
d8fbfcf1ca07bab35863380101b13af249de3f4e3ffbf7dfa3492b777134a5e5
-
SHA512
ba2d9cd78ea8372f3055e6f6c6d2b24ca5a8a0ec147c8674c60ae9cd4aa69ae11c4cea9e9a0dbd71c8863b6790b213b114193808fcbcad4c1f3d3f154fd7be03
-
SSDEEP
6144:JyWVJcspMJ30/hzgGjYZaEScP5mlbNEu8I4QrF2BArV1BZI5itH+s49aJ1qMFy:xpCCh8GcZaESW8lhzbiq1ac1+sDJ1qMw
Static task
static1
Behavioral task
behavioral1
Sample
d8fbfcf1ca07bab35863380101b13af249de3f4e3ffbf7dfa3492b777134a5e5.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
d8fbfcf1ca07bab35863380101b13af249de3f4e3ffbf7dfa3492b777134a5e5.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
d8fbfcf1ca07bab35863380101b13af249de3f4e3ffbf7dfa3492b777134a5e5
-
Score
10/10
-
Modifies WinLogon for persistence
-
NetWire RAT payload
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-