General
Target: 3c1e6cd3871d8aa14b4ea85689393b48.exe
Size: 7KB
Sample: 221117-j8z32aea28
MD5: 3c1e6cd3871d8aa14b4ea85689393b48
SHA1: 9b05cf7551df9ec8a772253bd6b1222388e4d60e
SHA256: 35a2e0e9daf4aaa64a5e8057eb6114c95bb4326763f768e09dbf25b57b387766
SHA512: b19d1f8c42415ec620aaee7da2e6710630c027b8210ce11ed71db3e3e12c3523c34bf71804b7702950569104ab811ae17e6c5d2e25fe4480b778923cccaa6919
SSDEEP: 192:Y9O488udnr3gTZ4ELGDM9xyXAVxVVdWS75HjXEU0F:Y9O48jdUZ4ELWM9QeP5b90
Static task: static1
Behavioral task: behavioral1
Sample: 3c1e6cd3871d8aa14b4ea85689393b48.exe
Resource: win7-20221111-en
Malware Config
Targets
Target: 3c1e6cd3871d8aa14b4ea85689393b48.exe
NetWire RAT payload
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Suspicious use of SetThreadContext