General
-
Target
1a0c1bff9b70bf53242b79c26a2926d24ea700d99d77b112510e1f804114fc53
-
Size
190KB
-
Sample
221126-cd26ksgf6x
-
MD5
1da161c8028bd59380b4fc11b63c1574
-
SHA1
d4b46c3048cedd4c731fba3c36a10b4251f2ac80
-
SHA256
1a0c1bff9b70bf53242b79c26a2926d24ea700d99d77b112510e1f804114fc53
-
SHA512
1680e2c42af6fbaaa57181fb6e023c95feb9800e3522e014d98cdc16f1bf817eb96674f9c2ab4768f2ddae00571df919ed977f2a610a77b67f91b46fef79ef91
-
SSDEEP
3072:ZGzA642h9j0D+O3kIY1TOP3YitxWhzvJUMyqYgbmNQ4+t9uyOG3ymF1ECOch:YO0f1TOYiMyM7ey
Malware Config
Targets
-
-
Target
1a0c1bff9b70bf53242b79c26a2926d24ea700d99d77b112510e1f804114fc53
-
Size
190KB
-
MD5
1da161c8028bd59380b4fc11b63c1574
-
SHA1
d4b46c3048cedd4c731fba3c36a10b4251f2ac80
-
SHA256
1a0c1bff9b70bf53242b79c26a2926d24ea700d99d77b112510e1f804114fc53
-
SHA512
1680e2c42af6fbaaa57181fb6e023c95feb9800e3522e014d98cdc16f1bf817eb96674f9c2ab4768f2ddae00571df919ed977f2a610a77b67f91b46fef79ef91
-
SSDEEP
3072:ZGzA642h9j0D+O3kIY1TOP3YitxWhzvJUMyqYgbmNQ4+t9uyOG3ymF1ECOch:YO0f1TOYiMyM7ey
Score10/10-
NetWire RAT payload
-
Netwire
Netwire is a RAT with main functionalities focused password stealing and keylogging, but also includes remote control capabilities as well.
-
Modifies Installed Components in the registry
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-