General
-
Target
171ad58a103d1423121271b010d0b630ce24d9e2645d8cf74bc49734190c7127
-
Size
751KB
-
Sample
221126-2cy5zadd41
-
MD5
378cf525bbf5c7061467267a795d075c
-
SHA1
92c08cb5010d07e127f14a4eac5793b21528925b
-
SHA256
171ad58a103d1423121271b010d0b630ce24d9e2645d8cf74bc49734190c7127
-
SHA512
d3417463c1e22debe839cde336dd44a1e6067253ad02da767853167ac49cc4f977a7da97e05c80021cbd8efde9978d75c4cb0488d11c2a89baf59684bd08f52a
-
SSDEEP
12288:NJqC8p6x2r57DmkTd0ihm4XNzDU55JPvq+pGq/XS4zp0kC5QWvHU:NJb8fN2GdRmEzGPvq+pGq/XS4zp0k/
Malware Config
Targets
-
-
Target
171ad58a103d1423121271b010d0b630ce24d9e2645d8cf74bc49734190c7127
-
Size
751KB
-
MD5
378cf525bbf5c7061467267a795d075c
-
SHA1
92c08cb5010d07e127f14a4eac5793b21528925b
-
SHA256
171ad58a103d1423121271b010d0b630ce24d9e2645d8cf74bc49734190c7127
-
SHA512
d3417463c1e22debe839cde336dd44a1e6067253ad02da767853167ac49cc4f977a7da97e05c80021cbd8efde9978d75c4cb0488d11c2a89baf59684bd08f52a
-
SSDEEP
12288:NJqC8p6x2r57DmkTd0ihm4XNzDU55JPvq+pGq/XS4zp0kC5QWvHU:NJb8fN2GdRmEzGPvq+pGq/XS4zp0k/
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Modifies Installed Components in the registry
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-