General
Target: 1a0c1bff9b70bf53242b79c26a2926d24ea700d99d77b112510e1f804114fc53
Size: 190KB
Sample: 221126-cd26ksgf6x
MD5: 1da161c8028bd59380b4fc11b63c1574
SHA1: d4b46c3048cedd4c731fba3c36a10b4251f2ac80
SHA256: 1a0c1bff9b70bf53242b79c26a2926d24ea700d99d77b112510e1f804114fc53
SHA512: 1680e2c42af6fbaaa57181fb6e023c95feb9800e3522e014d98cdc16f1bf817eb96674f9c2ab4768f2ddae00571df919ed977f2a610a77b67f91b46fef79ef91
SSDEEP: 3072:ZGzA642h9j0D+O3kIY1TOP3YitxWhzvJUMyqYgbmNQ4+t9uyOG3ymF1ECOch:YO0f1TOYiMyM7ey
Static task: static1
Behavioral task: behavioral1
Sample: 1a0c1bff9b70bf53242b79c26a2926d24ea700d99d77b112510e1f804114fc53.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 1a0c1bff9b70bf53242b79c26a2926d24ea700d99d77b112510e1f804114fc53.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: 1a0c1bff9b70bf53242b79c26a2926d24ea700d99d77b112510e1f804114fc53
Score: 10/10
NetWire RAT payload
Modifies Installed Components in the registry
Adds Run key to start application
Suspicious use of SetThreadContext