General
-
Target
915044c511cc81227acb26c559cc79eafdd65f28a99b6c73493b3ac80e739855
-
Size
131KB
-
Sample
221124-p5ldcsed62
-
MD5
57ff9ec083c9603c0251fe55595b8793
-
SHA1
8c3c7148559706e5523dae28d5852554042129b0
-
SHA256
915044c511cc81227acb26c559cc79eafdd65f28a99b6c73493b3ac80e739855
-
SHA512
63f50958bd0b82057b62a4315fb9309af082ee06992949c4967bafe83407d7fcc7097d8713b2656cc5ae13c6386ec671d2a424f73b03f883d182551cdaf2770f
-
SSDEEP
3072:cnF6XpaIxS1rAPXJlfWMzMeYhLjYchZzj6ocuxdlh8CKUm2/4v4c:cnvIxAS+MAeYhLjYchZ3rcMl5KUm2/4v
Malware Config
Targets
-
-
Target
915044c511cc81227acb26c559cc79eafdd65f28a99b6c73493b3ac80e739855
-
Size
131KB
-
MD5
57ff9ec083c9603c0251fe55595b8793
-
SHA1
8c3c7148559706e5523dae28d5852554042129b0
-
SHA256
915044c511cc81227acb26c559cc79eafdd65f28a99b6c73493b3ac80e739855
-
SHA512
63f50958bd0b82057b62a4315fb9309af082ee06992949c4967bafe83407d7fcc7097d8713b2656cc5ae13c6386ec671d2a424f73b03f883d182551cdaf2770f
-
SSDEEP
3072:cnF6XpaIxS1rAPXJlfWMzMeYhLjYchZzj6ocuxdlh8CKUm2/4v4c:cnvIxAS+MAeYhLjYchZ3rcMl5KUm2/4v
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-