General
-
Target
e5ac9628252f520471a5ae127f223b55b83f5604cb0c0d3bba3f5fa4e9709e10
-
Size
101KB
-
Sample
221126-kftk8aeh48
-
MD5
f9f38a7416ac851a786fb5df71304051
-
SHA1
61920a26e9fce072c8a18bb639e75d0086ab10d5
-
SHA256
e5ac9628252f520471a5ae127f223b55b83f5604cb0c0d3bba3f5fa4e9709e10
-
SHA512
d4d535c25d3c86d5fb41f503cf0aa73a4b4a8bfa0ca3dce967fdda5a2bc988b70621470d6fa41217740318be4de94908089158e7385a75208faab12f6b97a832
-
SSDEEP
3072:VwJ52Y7ZoH5XJaj+WMiIxspYnKN1bI5XLrx8:VwHysJMde8KN1Qrx8
Static task
static1
Behavioral task
behavioral1
Sample
e5ac9628252f520471a5ae127f223b55b83f5604cb0c0d3bba3f5fa4e9709e10.exe
Resource
win7-20220901-en
Malware Config
Targets
-
-
Target
e5ac9628252f520471a5ae127f223b55b83f5604cb0c0d3bba3f5fa4e9709e10
-
NetWire RAT payload
-
Modifies Installed Components in the registry
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-