General
-
Target
2ed4f001b583981b4557f25d08e1e559502d1151072a0699764923aa8f1c5202
-
Size
488KB
-
Sample
221125-z592tsag2v
-
MD5
7b2cb023fc3beb3ff0238263eb63762b
-
SHA1
ab60dc5953e1069dcb197cdfd270e5f2d30fe771
-
SHA256
2ed4f001b583981b4557f25d08e1e559502d1151072a0699764923aa8f1c5202
-
SHA512
49d9fee060ea00a0e2622e77bdb6291a5a2434650b19f08c3545310b9f8f29f38601de62fc748b6d6bfa52b5f81d014ebc51f9b88ce0e58e0557255ccd7174c2
-
SSDEEP
6144:ht9Xuji6btK0AbMEQ04oMER0u+GIIIIIIIhIIIIIIIIIIIIIIIUB:hjAteAEhDm5B
Static task
static1
Behavioral task
behavioral1
Sample
2ed4f001b583981b4557f25d08e1e559502d1151072a0699764923aa8f1c5202.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
2ed4f001b583981b4557f25d08e1e559502d1151072a0699764923aa8f1c5202
-
NetWire RAT payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-