General
-
Target
d97665257217478b232f56198bfe3b4008230fa26a5175f9f64cffa9f7219b0c
-
Size
131KB
-
Sample
221126-kj8jjsaa7v
-
MD5
77f5e53b5030cb639f9bb2ef902f26ee
-
SHA1
0db6c902b19137e42a612c7d4eb73419935f4210
-
SHA256
d97665257217478b232f56198bfe3b4008230fa26a5175f9f64cffa9f7219b0c
-
SHA512
d8d3c7bd1cc4448dee485ec55d19b0bf2209e1957654f7147062162107e6c6cc9996db8d4fe1d0b49ce2a2e909acaabc24b9fe0f91679b677fd53e4a89e7e223
-
SSDEEP
3072:Fm7Ip3oAnZ3MJ5JRLWGZ5kgchum4H5E6To7NZchK:Fm+3oABMJrRLWGZuZhu5H5E6ToJN
Static task
static1
Behavioral task
behavioral1
Sample
d97665257217478b232f56198bfe3b4008230fa26a5175f9f64cffa9f7219b0c.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
d97665257217478b232f56198bfe3b4008230fa26a5175f9f64cffa9f7219b0c.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
d97665257217478b232f56198bfe3b4008230fa26a5175f9f64cffa9f7219b0c
Score
10/10
-
NetWire RAT payload
-
Modifies Installed Components in the registry
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-